
"Presumably, threat actors would then use the address in the next stage of their exploit chain - probably gaining arbitrary code execution," according to Trend Micro's Zero Day Initiative Head of Threat Awareness Dustin Childs' analysis.
"Vulnerabilities of this nature are commonly used to undermine Address Space Layout Randomization (ASLR), a core operating system security control designed to protect against buffer overflows and other memory-manipulation exploits," Kev Breen, senior director of cyber threat research at Immersive, told The Register.
"By revealing where code resides in memory, this vulnerability can be chained with a separate code execution flaw, transforming a complex and unreliable exploit into a practical and repeatable attack," he added, while also dinging Redmond for not disclosing which other components may be involved in such an exploit chain.
CVE-2026-20805 permits an authorized attacker to leak a memory address from a remote ALPC port. Threat actors can then use the leaked address in a follow-up exploit stage, likely to achieve arbitrary code execution. The vulnerability undermines Address Space Layout Randomization (ASLR), enabling reliable exploit chaining with separate code-execution flaws. The flaw is rated CVSS 5.5 (medium). Microsoft's threat-intel team discovered the vulnerability, and Microsoft released a patch. The U.S. CISA added CVE-2026-20805 to its Known Exploited Vulnerabilities catalog, requiring federal agencies to implement the fix by February 3. Immediate patching is strongly recommended.
Read at Theregister