CVE-2026-49801
Received Received - Intake

Use of Uninitialized Resource in Windows SMB Allows Local Information Disclosure

Vulnerability report for CVE-2026-49801, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-14

Last updated on: 2026-07-14

Assigner: Microsoft Corporation

Description

Use of uninitialized resource in Windows SMB allows an authorized attacker to disclose information locally.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-14
Last Modified
2026-07-14
Generated
2026-07-14
AI Q&A
2026-07-14
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
microsoft windows_smb *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-908 The product uses or accesses a resource that has not been initialized.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-49801 is a vulnerability in Windows SMB (Server Message Block) that involves the use of an uninitialized resource. This flaw allows an authorized attacker with local access to disclose sensitive information from the system.

The vulnerability arises because the SMB component does not properly initialize a resource before it is accessed, which can lead to the exposure of memory contents or other sensitive data.

The CVSS v3.1 score for this vulnerability is 5.5, indicating a medium severity level. The vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N means the attack requires local access (AV:L), low attack complexity (AC:L), low privileges (PR:L), no user interaction (UI:N), and has a high impact on confidentiality (C:H) but no impact on integrity or availability.

Impact Analysis

If you are using a system with Windows SMB, this vulnerability could impact you in the following ways:

  • An authorized attacker with local access to your system could exploit this flaw to disclose sensitive information, such as memory contents or other confidential data.
  • The disclosed information could include credentials, personal data, or other sensitive details stored or processed by the system.

Since the attacker needs local access and low privileges, the risk is higher in environments where multiple users share a system or where unauthorized users might gain physical or logical access.

Compliance Impact

This vulnerability could affect compliance with common standards and regulations in the following ways:

  • GDPR (General Data Protection Regulation): If the disclosed information includes personal data of EU citizens, this could lead to a breach of GDPR. Organizations must ensure the confidentiality of personal data, and unauthorized disclosure could result in fines or legal action.
  • HIPAA (Health Insurance Portability and Accountability Act): If the system processes or stores protected health information (PHI), this vulnerability could lead to unauthorized disclosure of PHI, violating HIPAA's privacy and security rules. This could result in penalties for non-compliance.
  • Other standards like ISO 27001 or NIST frameworks require organizations to protect sensitive information from unauthorized access. Failure to mitigate this vulnerability could result in non-compliance with these standards.

Organizations should assess the potential impact of this vulnerability on their compliance posture and take appropriate measures to mitigate the risk, such as applying patches or implementing compensating controls.

Detection Guidance

The provided context does not include specific detection methods or commands for identifying the vulnerability described in CVE-2026-49801. Detection may require checking for uninitialized resource usage in Windows SMB, but no technical details or tools are mentioned.

For accurate detection guidance, refer to Microsoft's official documentation or security updates, as they may provide tools or scripts to identify affected systems.

Mitigation Strategies

The provided context does not specify immediate mitigation steps for CVE-2026-49801. However, general best practices for addressing such vulnerabilities include:

  • Apply the latest security updates or patches provided by Microsoft for Windows SMB, as referenced in Resource 1.
  • Restrict local access to authorized users only, as the vulnerability requires local access for exploitation.
  • Monitor Microsoft's security advisories for additional guidance or workarounds.

For precise mitigation steps, consult the official Microsoft update guide linked in Resource 1.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-49801. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart