Microsoft Windows Server 2012
Moderate fix2 remedies
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*
Moderate fix2 remedies
Microsoft Windows TCP/IP Heap-Based Buffer Overflow Vulnerability Allowing Local Privilege Escalation
Vulnerability
A heap-based buffer overflow vulnerability has been identified in the Windows TCP/IP stack. This vulnerability allows an authorized attacker to locally elevate privileges by interacting with the tcpip.sys kernel driver. The issue affects several versions of Windows, including various releases of Windows 10, Windows 11, Windows Server 2012, 2016, 2019, 2022, and 2025, as well as Windows Server 2012 R2.
Impact
Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user to gain elevated rights on the system.
Remediation
Users can apply the security update for this vulnerability, which is available through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5087420, KB5087538, KB5087544, KB5087470, KB5087471, KB5087537, KB5089548, KB5087541, KB5087539, and KB5087423.
Added: May 12, 2026, 8:17 PM
Updated: May 12, 2026, 8:17 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
7.5exploitability
2.7remediation
7.7relevance
8.1threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.