CVE-2026-33824

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Windows 10 Version 1607 versions 10.0.14393.0 through 10.0.14393.9059

Description A double free issue exists in the Windows IKE Extension. This flaw allows an unauthorized remote attacker to trigger memory corruption in the IKE service extensions, potentially leading to arbitrary code execution over the network with SYSTEM privileges. The issue affects IKEv2 and requires no authentication or user interaction.

Recommendations Update Microsoft Windows 10 Version 1607 to version 10.0.14393.9060 or later.

Fix

RCE

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

BDU:2026-05343

CVE-2026-33824

Affected Products

Windows

Windows 10

CVE-2026-33824

Weakness Enumeration

Related Identifiers

Affected Products

References · 44