{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32072", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-03-10T22:02:18.666Z", "datePublished": "2026-04-14T16:58:17.336Z", "dateUpdated": "2026-04-15T21:55:09.343Z"}, "containers": {"cna": {"title": "Active Directory Spoofing Vulnerability", "datePublic": "2026-04-14T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.17763.0", "versionEndExcluding": "10.0.17763.8644"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.17763.0", "versionEndExcluding": "10.0.17763.8644"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.17763.0", "versionEndExcluding": "10.0.17763.8644"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.20348.0", "versionEndExcluding": "10.0.20348.5020"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.19044.0", "versionEndExcluding": "10.0.19044.7184"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "10.0.19045.0", "versionEndExcluding": "10.0.19045.7184"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.32690"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.26200.0", "versionEndExcluding": "10.0.26200.8246"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.22631.0", "versionEndExcluding": "10.0.22631.6936"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "10.0.22631.0", "versionEndExcluding": "10.0.22631.6936"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.25398.0", "versionEndExcluding": "10.0.25398.2274"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.8246"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.32690"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.14393.0", "versionEndExcluding": "10.0.14393.9060"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.14393.0", "versionEndExcluding": "10.0.14393.9060"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.14393.0", "versionEndExcluding": "10.0.14393.9060"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.28000.0", "versionEndExcluding": "10.0.28000.1836"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 1607", "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1809", "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 21H2", "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.19044.0", "lessThan": "10.0.19044.7184", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 22H2", "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.19045.0", "lessThan": "10.0.19045.7184", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 version 22H3", "platforms": ["ARM64-based Systems"], "versions": [{"version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 23H2", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 24H2", "platforms": ["ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.8246", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 25H2", "platforms": ["ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.26200.0", "lessThan": "10.0.26200.8246", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 version 26H1", "platforms": ["ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.28000.0", "lessThan": "10.0.28000.1836", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2016", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2016 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2022", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.20348.0", "lessThan": "10.0.20348.5020", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.25398.0", "lessThan": "10.0.25398.2274", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2025", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2025 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-287: Improper Authentication", "lang": "en-US", "type": "CWE", "cweId": "CWE-287"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-15T21:55:09.343Z"}, "references": [{"name": "Active Directory Spoofing Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32072"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "MEDIUM", "baseScore": 6.2, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T19:13:30.353920Z", "id": "CVE-2026-32072", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:13:38.535Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32072", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T19:13:30.353920Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:13:35.008Z"}}], "cna": {"title": "Active Directory Spoofing Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 6.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 1607", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "platforms": ["32-bit Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1809", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "platforms": ["32-bit Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 21H2", "versions": [{"status": "affected", "version": "10.0.19044.0", "lessThan": "10.0.19044.7184", "versionType": "custom"}], "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 22H2", "versions": [{"status": "affected", "version": "10.0.19045.0", "lessThan": "10.0.19045.7184", "versionType": "custom"}], "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 version 22H3", "versions": [{"status": "affected", "version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom"}], "platforms": ["ARM64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 Version 23H2", "versions": [{"status": "affected", "version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 Version 24H2", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.8246", "versionType": "custom"}], "platforms": ["ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 Version 25H2", "versions": [{"status": "affected", "version": "10.0.26200.0", "lessThan": "10.0.26200.8246", "versionType": "custom"}], "platforms": ["ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 version 26H1", "versions": [{"status": "affected", "version": "10.0.28000.0", "lessThan": "10.0.28000.1836", "versionType": "custom"}], "platforms": ["ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2016", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2016 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2019", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2019 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2022", "versions": [{"status": "affected", "version": "10.0.20348.0", "lessThan": "10.0.20348.5020", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.25398.0", "lessThan": "10.0.25398.2274", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2025", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2025 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom"}], "platforms": ["x64-based Systems"]}], "datePublic": "2026-04-14T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32072", "name": "Active Directory Spoofing Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287: Improper Authentication"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.17763.8644", "versionStartIncluding": "10.0.17763.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.17763.8644", "versionStartIncluding": "10.0.17763.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.17763.8644", "versionStartIncluding": "10.0.17763.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.20348.5020", "versionStartIncluding": "10.0.20348.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.19044.7184", "versionStartIncluding": "10.0.19044.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "10.0.19045.7184", "versionStartIncluding": "10.0.19045.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.26100.32690", "versionStartIncluding": "10.0.26100.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.26200.8246", "versionStartIncluding": "10.0.26200.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.22631.6936", "versionStartIncluding": "10.0.22631.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "10.0.22631.6936", "versionStartIncluding": "10.0.22631.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.25398.2274", "versionStartIncluding": "10.0.25398.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.26100.8246", "versionStartIncluding": "10.0.26100.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.26100.32690", "versionStartIncluding": "10.0.26100.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.14393.9060", "versionStartIncluding": "10.0.14393.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.14393.9060", "versionStartIncluding": "10.0.14393.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.14393.9060", "versionStartIncluding": "10.0.14393.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.28000.1836", "versionStartIncluding": "10.0.28000.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-15T17:16:23.141Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32072", "state": "PUBLISHED", "dateUpdated": "2026-04-15T17:16:23.141Z", "dateReserved": "2026-03-10T22:02:18.666Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-04-14T16:58:17.336Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally."}], "id": "CVE-2026-32072", "lastModified": "2026-04-14T18:17:07.840", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-04-14T18:17:07.840", "references": [{"source": "secure@microsoft.com", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32072"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "secure@microsoft.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": ["32-bit_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.14393.0,10.0.14393.9060)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 1607", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_1607", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.17763.0,10.0.17763.8644)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 1809", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_1809", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.19044.0,10.0.19044.7184)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 21H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_21h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.19045.0,10.0.19045.7184)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 22H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_22h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.22631.0,10.0.22631.6936)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 version 22H3", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_22h3", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.22631.0,10.0.22631.6936)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 Version 23H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_23h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26100.0,10.0.26100.32690)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 Version 24H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_24h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26200.0,10.0.26200.8246)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 Version 25H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_25h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.28000.0,10.0.28000.1836)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 version 26H1", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_26h1", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.14393.0,10.0.14393.9060)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2016", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2016", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.14393.0,10.0.14393.9060)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2016 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2016_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.17763.0,10.0.17763.8644)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2019", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2019", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.17763.0,10.0.17763.8644)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2019 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2019_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.20348.0,10.0.20348.5020)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2022", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2022", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.25398.0,10.0.25398.2274)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2022,_23h2_edition_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26100.0,10.0.26100.32690)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2025", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2025", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26100.0,10.0.26100.32690)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2025 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2025_(server_core_installation)", "vendor": "microsoft"}], "analysis": {"en": {"generated_at": "2026-04-14T19:49:06.913151+00:00", "value": {"mitigation_remediation": ["Install the latest Windows security update that addresses CVE\u20112026\u201132072 via Windows Update or the Microsoft Security Advisory.", "Verify that all affected Windows client and server versions have received the patch; if a system cannot be updated, consider migrating to a supported OS with the fix.", "Monitor Active Directory logs for signs of unauthorized account impersonation, reviewing event logs for unusual authentication patterns.", "Apply strict AD hardening controls, including multi\u2011factor authentication for privileged accounts and the principle of least privilege.", "Maintain regular backups of domain controllers and test recovery procedures to ensure rapid restoration of service."], "summary": {"action": "Apply Patch", "impact": "Identity Spoofing"}, "threat_synthesis": {"affected_systems": "Affected systems include Microsoft Windows client operating systems such as Windows\u00a010 releases 1607,\u202f1809,\u202f21H2,\u202f22H2, and Windows\u00a011 releases 23H2,\u202f24H2,\u202f25H2,\u202f26H1,\u202f22H3,\u202f26H1, as well as Windows Server editions 2016,\u202f2019,\u202f2022,\u202f2025, and 23H2 in both standard and Server\u2011Core installations.", "description_and_impact": "This vulnerability is an instance of improper authentication (CWE\u2011287), allowing an unauthorized local attacker to spoof legitimate Active Directory accounts. The flaw can be used to impersonate domain users without valid credentials, thereby accessing resources that rely on AD authentication and potentially compromising the integrity of the authentication system.", "risk_and_exploitability": "The CVSS score of 6.2 indicates moderate severity, and no EPSS score is publicly available; it is also not listed in the CISA KEV catalog. The likely attack vector is local, requiring the attacker to have physical or local user access to the system. Exploitation allows the creation of a spoofed account that can be used for unauthorized access, lateral movement, or compromising critical resources within the domain."}}}}, "created": "2026-04-15T14:45:03.395428+00:00", "updated": "2026-04-15T16:45:09.591179+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$windows_10_1607", "microsoft$PRODUCT$windows_10_1809", "microsoft$PRODUCT$windows_10_21h2", "microsoft$PRODUCT$windows_10_22h2", "microsoft$PRODUCT$windows_11_22h3", "microsoft$PRODUCT$windows_11_23h2", "microsoft$PRODUCT$windows_11_24h2", "microsoft$PRODUCT$windows_11_25h2", "microsoft$PRODUCT$windows_11_26h1", "microsoft$PRODUCT$windows_server_2016", "microsoft$PRODUCT$windows_server_2016_(server_core_installation)", "microsoft$PRODUCT$windows_server_2019", "microsoft$PRODUCT$windows_server_2019_(server_core_installation)", "microsoft$PRODUCT$windows_server_2022", "microsoft$PRODUCT$windows_server_2022,_23h2_edition_(server_core_installation)", "microsoft$PRODUCT$windows_server_2025", "microsoft$PRODUCT$windows_server_2025_(server_core_installation)"]}