PT-2026-40162 · Microsoft · Windows Application Identity Subsystem+1
Published
2026-05-12
·
Updated
2026-05-12
·
CVE-2026-34343
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Windows Application Identity (AppID) Subsystem (affected versions not specified)
Description
A heap-based buffer overflow in the Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally to SYSTEM. A heap overflow occurs when a program writes more data to a heap-allocated memory block than it can hold, potentially allowing the execution of arbitrary code.
Recommendations
Apply the patch released on May 12.
Fix
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows Application Identity Subsystem