Volerion logoVolerion
Volerion logoVolerion

Microsoft Windows SPNEGO Extended Negotiation Privilege Escalation Vulnerability

Vulnerability

A vulnerability allowing local privilege escalation has been identified in the SPNEGO Extended Negotiation security mechanism of Windows. This issue arises from an integer overflow or wraparound, which could be exploited by an authorized attacker to gain elevated privileges. The vulnerability affects several versions of Windows, including various releases of Windows Server and Windows 10, as well as Windows 11.

Impact

Exploitation of this vulnerability could allow an attacker to gain SYSTEM privileges.

Remediation

Users can download the security update for this vulnerability through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5065427, KB5065431, KB5065428, and KB5065509.

Added: Sep 9, 2025, 6:18 PM
Updated: Sep 9, 2025, 6:18 PM

Vulnerability Rating

Custom Algorithm
spread
8.4
impact
7.5
exploitability
3.3
remediation
7.7
relevance
0.5
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.