PT-2026-32783 · Microsoft · Windows Tcp/Ip+1

Angelboy

Published

2026-04-14

Updated

2026-04-17

CVE-2026-27921

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows TCP/IP (affected versions not specified)

Description A race condition occurs in the Windows TCP/IP stack, specifically within the tdx.sys translation driver. This issue is a Time-of-Check to Time-of-Use (TOCTOU) flaw, where concurrent execution using a shared resource with improper synchronization allows an authorized attacker with local access to elevate privileges to the kernel level.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

BDU:2026-05436

CVE-2026-27921

Affected Products

Windows

Windows Tcp/Ip

PT-2026-32783 · Microsoft · Windows Tcp/Ip+1

CVE-2026-27921

Weakness Enumeration

Related Identifiers

Affected Products

References · 7