—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Remote Code Execution Vulnerability in Windows Local Security Authority Subsystem Service (LSASS) 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Windows Server 2025 (Server Core installation) affected from 10.0.26100.0 before 10.0.26100.32230 

Windows 11 Version 24H2 for x64-based Systems, ARM64-based Systems affected from 10.0.26100.0 before 10.0.26100.7623 

Windows 11 Version 25H2 for x64-based Systems, ARM64-based Systems affected from 10.0.26200.0 before 10.0.26200.7623

Overview

A vulnerability has been reported in the Microsoft Windows Local Security Authority Subsystem Service (LSASS). This vulnerability could allow an authorized attacker to execute arbitrary over a network.

Target Audience:

All organizations and individuals using Microsoft Windows.

Risk Assessment:

There is a high risk of full system compromise or data theft if this vulnerability is exploited.

Impact Assessment:

Successful exploitation may lead to arbitrary code execution or disclosure of sensitive information.

Description

The Windows Local Security Authority Subsystem Service (LSASS) is a core process in Microsoft Windows operating systems responsible for enforcing system security policies.

A vulnerability in window LSASS due to use after free. This could allow an authorized attacker to execute programs over a network.

Successful exploit of this vulnerability could allow an authorized attacker to execute arbitrary code on the affected system.

Solution

Apply appropriate updates as mentioned by the vendor.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20854

Vendor Information

Microsoft

https://www.microsoft.com/

References

Microsoft

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20854

CVE Name

CVE-2026-20854

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmluIg8ACgkQ3jCgcSdc

ys/yPQ/+LXmrxKx3dpp7tfv29xbPifQhitdFzO3uWK3LQ3e3GzCidhYvZooKmNvU

O9ig3pLgz2Y/IgOatCKvXsklWLlCDNVZFmlwuWOJ9uDRvoIP9nq++7vwASsssOMi

X7mX8ohWPIIFHo3V2QvVXqsPnCltC3ooBosWGl2dg6r8/0z4R0mY2/50N0qeqLD1

NHzEWGQd2AXfgNBfQYeO45eFPxblF8u315W49Ig/fevORv37JmCdWRMhEYNxXFdW

oCMo21nkGx8NGUGoZT3LXAFPIcR8qqzi8Ha6U/g8sLhuwHGyLqB/ZUnJfaHkX+hN

RNK6JbJL1DkY5OwRF22cUPN78MX3tE5ZiRzFP3PnQqMDa98HwPxr8vvNIUTurfqy

Q5CEdlNUhzw2+xITYIP/xx72Dwnl3MMGycSxYlkmUFMLQJUTbg0aJSXaslf4K7bL

kJhl1DBwBb3TR+1XbKBAQHEeAhKGv6ADrBBl3BKdj3j9XTelWFQ9nEd3w7d9SfrM

hS2vgU6Gv9iHBaQ5bCE5vTEk9J2OJbdhtf89kxLz6bgJ+1RezpEsVejVU4u1f5G5

mHSQH4ZZihtI188xcH/mQoQF41vG6peMuR9zJ3OpRQCrR/qxvMYS0LJtUw3b/luA

nllFk67xVhqQ2hs6/o7hFDXEoazNlNARu7QwkAQz+X2uhhocrBk=

=qLl9

—–END PGP SIGNATURE—–