local privilege escalation

A privilege‑escalation vulnerability in the QEMU Guest Agent for Windows — tracked as CVE‑2023‑0664 — allows a local, unprivileged user inside a Windows virtual machine to manipulate the QEMU Guest Agent installer’s repair custom actions and obtain SYSTEM privileges inside the guest; the issue...

A critical local privilege‑escalation bug in Ceph’s crash‑handling service — tracked as CVE‑2022‑3650 — lets an attacker with low privileges escalate to root by abusing the cluster crash‑dump path, and operators must treat it as a high‑impact, operational risk until patched. Multiple downstream...

A buffer‑overflow flaw in Intel’s SSD Tools integration with the mdadm utility — tracked as CVE‑2023‑28736 — quietly landed on security lists in August 2023 and remains a textbook case in how a locally‑triggered memory corruption in low‑level storage tooling can produce outsized operational risk...

Microsoft has published an advisory for CVE-2026-21238 — an elevation-of-privilege issue in the Windows Ancillary Function Driver for WinSock (AFD, afd.sys) — and the security community is treating it as a high-priority patch-forcing vulnerability for endpoints and servers that accept local...

Microsoft’s security tracker now shows CVE-2026-21236 as an elevation-of-privilege issue in the Windows Ancillary Function Driver for WinSock (AFD.sys), a kernel‑mode driver that sits at the heart of Windows’ networking stack; the vendor entry and multiple community trackers confirm the CVE but...

A critical local privilege–escalation flaw has been disclosed in Mitsubishi Electric’s UPS shutdown utility, FREQSHIP-mini for Windows (CVE-2025-10314), affecting versions 8.0.0 through 8.0.2 and allowing a low‑privileged local user to gain SYSTEM privileges by replacing service executables or...

Siemens has published an urgent security advisory for TeleControl Server Basic after ProductCERT and national tracking authorities assigned CVE‑2025‑40942 to a local privilege escalation flaw that—if an attacker gains local access—could allow execution of arbitrary code with elevated rights...

Microsoft’s January 2026 security update wave confirmed an elevation-of-privilege vulnerability in the Desktop Window Manager (DWM) component of Windows, tracked as CVE-2026-20871, and the vendor’s advisory attaches a “confidence” metric that explicitly signals how certain Microsoft is about the...

Microsoft’s Security Update Guide lists CVE-2026-20830 as an elevation-of-privilege issue affecting the Capability Access Management Service (camsvc), but the vendor’s public entry is terse and delivered via an interactive, client-side page — meaning defenders must treat the advisory as...

Microsoft’s security telemetry has flagged a new elevation‑of‑privilege concern tied to Microsoft Office’s Click‑to‑Run (C2R) delivery component: CVE‑2026‑20943. The vulnerability is described in vendor advisories as an elevation‑of‑privilege (EoP) weakness in Click‑to‑Run packaging/service...

Microsoft’s Security Update Guide lists CVE-2026-20817 as a Windows Error Reporting vulnerability that can be abused by an authorized local attacker to elevate privileges on a host, and this advisory should be treated as an urgent patch-and-hunt item for any organization that wants to avoid...

Microsoft has recorded CVE-2026-20820 — a heap‑based buffer overflow in the Windows Common Log File System driver (clfs.sys) that Microsoft classifies as an elevation of privilege vulnerability; an authorized local attacker able to run code as a standard user or manipulate CLFS‑read inputs can...

Microsoft’s advisory identifies CVE-2026-20809 as a time-of-check/time-of-use (TOCTOU) race condition in Windows kernel memory that can be abused by an authorized local user to gain SYSTEM privileges — in short, a local elevation-of-privilege (EoP) vulnerability rooted in kernel memory...

Microsoft’s Security Response Center (MSRC) has recorded CVE-2026-20804: an incorrect privilege assignment in Windows Hello that, according to the vendor summary, “allows an unauthorized attacker to perform tampering locally.” This advisory was published by Microsoft and appears in the vendor’s...