Windows Function Discovery Service Privilege Escalation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.0

Windows Function Discovery Service Privilege Escalation Vulnerability

CVE-2026-32093

Summary

An attacker with authorized access to a Windows system can potentially gain elevated privileges by exploiting a flaw in the Function Discovery Service. This could allow the attacker to access sensitive data or perform actions they shouldn't be able to do. If you have Function Discovery Service installed, you should check for updates and follow best practices to prevent unauthorized access.

Original title

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Original description

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.0

Vulnerability type

CWE-122 Heap-based Buffer Overflow

CWE-362 Race Condition

CWE-367

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32093

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026