Home
MEDIUM: 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10.0.14393.0 (custom) before 10.0.14393.9339
affected
10.0.17763.0 (custom) before 10.0.17763.9020
affected
10.0.19044.0 (custom) before 10.0.19044.7548
affected
10.0.19045.0 (custom) before 10.0.19045.7548
affected
10.0.26100.0 (custom) before 10.0.26100.8875
affected
10.0.26200.0 (custom) before 10.0.26200.8875
affected
10.0.28000.0 (custom) before 10.0.28000.2269
affected
6.3.9600.0 (custom) before 6.3.9600.23291
affected
6.3.9600.0 (custom) before 6.3.9600.23291
affected
10.0.14393.0 (custom) before 10.0.14393.9339
affected
10.0.14393.0 (custom) before 10.0.14393.9339
affected
10.0.17763.0 (custom) before 10.0.17763.9020
affected
10.0.17763.0 (custom) before 10.0.17763.9020
affected
10.0.20348.0 (custom) before 10.0.20348.5386
affected
10.0.26100.0 (custom) before 10.0.26100.33158
affected
10.0.26100.0 (custom) before 10.0.26100.33158
affected
Description
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to execute code with a physical attack.
Problem types
CWE-190: Integer Overflow or Wraparound
CWE-122: Heap-based Buffer Overflow
Product status
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50299 (Windows Storage Spaces Direct Remote Code Execution Vulnerability)