CVE-2026-26153 Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability

...

CVE-2026-26153

CVE-2026-26153 describes an out-of-bounds read in the Windows Encrypting File System (EFS) that could allow an authorized, locally authenticated attacker to obtain elevated privileges. The vulnerability is associated with EFS in Windows and is listed across multiple sources (NVD, CVE databases, M...

CVE-2026-26153 Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability

...

Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability

Out-of-bounds read in Windows Encrypting File System EFS allows an authorized attacker to elevate privileges locally...

KLA90980 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code, cause denial of service, read local...

EUVD-2017-18919

NetSarang Xmanager Enterprise 5.0 Build 1232, Xmanager 5.0 Build 1045, Xshell 5.0 Build 1322, Xftp 5.0 Build 1218, and Xlpd 5.0 Build 1220 contain a malicious nssock2.dll that implements a multi-stage, DNS-based backdoor. The dormant library contacts a C2 DNS server via a specially crafted TXT...

EUVD-2000-0419

Malware in sbrugna...

EUVD-2001-0261

Malware in sbrugna...

CVE-2024-36495

The application Faronics WINSelect Standard + Enterprise saves its configuration in an encrypted file on the file system which "Everyone" has read and write access to, path to file: C:\ProgramData\WINSelect\WINSelect.wsd The path for the affected WINSelect Enterprise configuration file is:...

July 12, 2022—KB5015808 (OS Build 14393.5246) - EXPIRED

July 12, 2022—KB5015808 OS Build 14393.5246 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 11/19/20 For...

PT-2022-9996 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to improper validation of buffer size input to the EFS file, which can lead to memory corruption in various Qualcomm Snapdragon products, including Snapdrag...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and from time to time manufactured on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products th...

Qualcomm 多款产品安全漏洞

Qualcomm Qca chips and others are products of Qualcomm Incorporated, a U.S. company.The Qualcomm Qca chip is a Bluetooth module chip.The Qualcomm Qcs chip is a high-performance IoT system-on-chip.The Qualcomm Sd chip is a processor.The Qualcomm Qca chip is a Bluetooth module chip.The Qualcomm Qcs...

CVE-2021-29861

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in EFS to expose sensitive information. IBM X-Force ID: 206085...

August 10, 2021—KB5005031 (OS Build 18363.1734)

August 10, 2021—KB5005031 OS Build 18363.1734 EXPIRATION NOTICE As of 9/12/2023, KB5005031 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quali...

August 10, 2021—KB5005089 (Security-only update)

August 10, 2021—KB5005089 Security-only update Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...

Event 55 when you copy an encrypted folder to EFS shared folder in Windows

Event 55 when you copy an encrypted folder to EFS shared folder in Windows Symptoms Assume that you enable Encryption File System EFS on a shared folder on a computer that is running Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7 Service Pack 1 SP1, Windows Server...

October 27, 2016 — KB3197954 (OS Build 14393.351)

October 27, 2016 — KB3197954 OS Build 14393.351 This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Start, File Explorer, action center, graphics, and the Windows kernel...

UBUNTU-CVE-2010-3074

SSLCipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack...

CVE-2002-0788

An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System EFS, creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain...