Windows TCP/IP Elevation of Privilege Vulnerability

Plan PatchCVSS 9.6CVE-2026-42904Jun 9, 2026

Microsoft

IT in OT - Windows Server and Active Directory are widely deployed in OT environments

Attack path

Attack VectorAdjacent

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Heap-based buffer overflow in Windows TCP/IP stack allows an attacker on the same local network to elevate privileges without authentication. Exploitation is rated as unlikely based on current threat assessment. Vendor patches are available for all affected Windows versions.

What this means

What could happen

A neighboring device on your network could exploit a flaw in Windows TCP/IP to gain system-level privileges on your Windows servers or workstations, allowing them to run commands, access data, or disrupt operations.

Who's at risk

Any organization running Windows Server 2022, Windows Server 2025, Windows 10, or Windows 11 in OT environments—including SCADA hosts, HMI servers, data historians, and engineering workstations. Water authorities and utilities using Windows-based control systems are directly at risk.

How it could be exploited

An attacker on the same local network segment (adjacent network) sends specially crafted TCP/IP packets to trigger a heap buffer overflow in the Windows TCP/IP stack. If successful, the attacker gains elevated privileges (system-level access) without needing valid credentials or user interaction.

Prerequisites

Network presence on the same local network segment or subnet as the target Windows system
No authentication or special credentials required
Target system must be running an unpatched version of the affected Windows OS

remotely exploitable from adjacent networklow complexity attackno authentication requiredhigh CVSS score (9.6)affects Windows core networking in all modern versions

Exploitability

Unlikely to be exploited — EPSS score 0.4%

Affected products (18)

18 with fix

ProductAffected VersionsFix Status

Windows Server 2022All versionsBuild 10.0.20348.5256

Windows Server 2022 (Server Core installation)All versionsBuild 10.0.20348.5256

Windows 10 Version 21H2 for 32-bit SystemsAll versionsBuild 10.0.19044.7417

Windows 10 Version 21H2 for ARM64-based SystemsAll versionsBuild 10.0.19044.7417

Windows 10 Version 21H2 for x64-based SystemsAll versionsBuild 10.0.19044.7417

Remediation & Mitigation

0/3

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

Windows Server 2022

HOTFIXApply the June 2026 Windows security update to all Windows Server 2022, Windows Server 2025, Windows 10, and Windows 11 systems

Long-term hardening

0/2

HARDENINGIsolate OT engineering workstations and HMI servers on a dedicated network segment with strict access controls to limit exposure from adjacent networks

HARDENINGImplement network segmentation to prevent direct Layer 2 (subnet) connectivity between untrusted devices and Windows-based control systems

CVEs (1)

CVE-2026-42904

View full vendor advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/51eb4210-5650-4461-ad88-d1cd6eb05729

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.