Vulnerability Details CVE-2026-20830
Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.2%
CVSS Severity
CVSS v3 Score 7.0
Products affected by CVE-2026-20830
-
cpe:2.3:o:microsoft:windows_server_2025:-
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2033
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2314
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2605
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2894
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3107
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3194
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3403
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3476
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3775
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3781
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3981
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4061
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4066
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4270
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4349
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4652
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4656
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4851
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4946
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6508
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6563
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6584
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6899
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6905
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.7092
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.7171