Erik Egsgard

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** A null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to cause a local denial of service, which can lead to system crashes or connection failures. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Foxit PDF Editor/Reader versions prior to 2026.1, PDF Editor 14.x prior to 14.0.3, PDF Editor 13.x prior to 13.2.3 **Description** The Foxit PDF Editor/Reader update service loads system libraries from a search path that includes directories writable by low-privileged users. This allows a local attacker to place a malicious DLL in a writable directory, which the update service may load with SYSTEM privileges, resulting in local privilege escalation and arbitrary code execution. The vulnerability is a DLL search-order hijack, where the service loads a malicious DLL instead of a legitimate one. This can lead to full local compromise, persistence, lateral movement, and data exposure, especially on shared workstations, terminal servers, and VDI images. **Recommendations** Upgrade to PDF Editor/Reader 2026.1 or the listed fixed releases (PDF Editor 14.0.3, PDF Editor 13.2.3). If patching is delayed, restrict write permissions on directories in the updater search path and enforce least privilege for update/service accounts.

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified) Description: An integer overflow or wraparound in Windows SPNEGO Extended Negotiation can allow an authorized attacker to elevate privileges locally. This issue allows attackers to affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services (affected versions not specified) Description: An uncontrolled resource consumption issue in Windows Remote Desktop Services can allow an unauthorized attacker to cause a denial of service over a network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified) Description: The issue concerns a heap-based buffer overflow in the Windows Cred SSProvider Protocol. This allows an authorized attacker to elevate privileges locally. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Local Security Authority Server (lsasrv) (affected versions not specified) **Description** The issue is related to improper access control, which could allow an unauthorized attacker to deny service over a network. This could potentially leave systems vulnerable. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows LDAP versions prior to the fixed version **Description** The issue is related to uncontrolled resource consumption in the Lightweight Directory Access Protocol (LDAP) of Microsoft Windows operating systems. This can be exploited by a remote attacker to cause a denial of service. The protocol allows an unauthorized attacker to deny service over a network. **Recommendations** For Windows LDAP versions prior to the fixed version, update to the latest version to resolve the issue. As a temporary workaround, consider restricting access to the LDAP service to minimize the risk of exploitation. Avoid using the vulnerable LDAP protocol until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Windows Cryptographic Services (affected versions not specified) **Description** The issue is related to a buffer overflow in dynamic memory within the Cryptographic service of Windows operating systems. This can be exploited by a remote attacker to execute arbitrary code, potentially affecting the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Cryptographic Services (affected versions not specified) **Description** The issue is related to insufficient input validation in Windows Cryptographic Services, which can be exploited to execute arbitrary code. This allows remote attackers to affect the system. There are reports of potential exploitation, but details about the estimated number of affected devices or real-world incidents are not provided. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows CSC Service (affected versions not specified) **Description** The issue is related to an elevation-of-privilege vulnerability in the Windows CSC Service, which can be exploited due to improper address validation in IOCTL with METHOD NEITHER I/O Control Code in the csc.sys driver. This vulnerability allows attackers to gain SYSTEM privileges. A proof-of-concept (PoC) exploit has been released on GitHub. The vulnerability was initially considered to have a lower criticality, but the release of the exploit has increased its criticality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Cryptographic Services (affected versions not specified) **Description** The vulnerability is related to insufficient input validation in the Windows Cryptographic Services, which can be exploited to execute arbitrary code remotely. This issue may allow an attacker to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Server 2008 versions prior to Mar 14, 2023 Windows Server 2012 versions prior to Mar 14, 2023 Windows Server 2016 versions prior to Mar 14, 2023 Windows 10 versions prior to Mar 14, 2023 Windows 11 versions prior to Mar 14, 2023 Windows Server 2022 versions prior to Mar 14, 2023 Windows Server 2019 versions prior to Mar 14, 2023 **Description** The vulnerability is related to the implementation of the Internet Control Message Protocol (ICMP) in the Windows operating system kernel, which is associated with insufficient input validation. This issue can be exploited by a remote attacker to execute arbitrary code. The exploitation involves a low-level protocol error containing a fragmented IP packet in the header sent to the target machine. **Recommendations** For Windows Server 2008, update to a version released after Mar 14, 2023. For Windows Server 2012, update to a version released after Mar 14, 2023. For Windows Server 2016, update to a version released after Mar 14, 2023. For Windows 10, update to a version released after Mar 14, 2023. For Windows 11, update to a version released after Mar 14, 2023. For Windows Server 2022, update to a version released after Mar 14, 2023. For Windows Server 2019, update to a version released after Mar 14, 2023.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue is related to a buffer overflow in memory, allowing an attacker to elevate their privileges. This can affect the system, potentially leading to unauthorized access or control. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an elevation-of-privilege vulnerability in the Windows HTTP.sys driver, which is associated with privilege management errors. Exploitation of this issue may allow an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Ancillary Function Driver for WinSock (affected versions not specified) **Description** The issue is related to insufficient access restrictions in the Windows Ancillary Function Driver for WinSock, which can be exploited to elevate privileges. This allows an attacker to affect the system. No information is available about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Ancillary Function Driver for WinSock (affected versions not specified) **Description** The issue is related to a lack of protection for service data in the Windows Ancillary Function Driver for WinSock, which can be exploited by a remote attacker to gain unauthorized access to information. This can allow attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Ancillary Function Driver for WinSock (affected versions not specified) **Description** The issue is related to insufficient access restrictions in the Windows Ancillary Function Driver for WinSock, which can be exploited to elevate privileges. This allows an attacker to affect the system. No information is available about the estimated number of potentially affected devices or real-world incidents. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows operating system kernel, allowing an attacker to potentially elevate their privileges. This could impact the system's security. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.