CVE-2026-50697
Awaiting Analysis Awaiting Analysis - Queue

Exposure of Sensitive Information in Windows Common Log File System Driver

Vulnerability report for CVE-2026-50697, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-14

Last updated on: 2026-07-15

Assigner: Microsoft Corporation

Description

Exposure of sensitive information to an unauthorized actor in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-14
Last Modified
2026-07-15
Generated
2026-07-15
AI Q&A
2026-07-14
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 22 associated CPEs
Vendor Product Version / Range
microsoft windows_server_2012 r2
microsoft windows_server_2012 *
microsoft windows_11_26h1 to 10.0.28000.2269 (exc)
microsoft windows_10_1607 to 10.0.14393.9339 (exc)
microsoft windows_10_1607 to 10.0.14393.9339 (exc)
microsoft windows_10_1809 to 10.0.17763.9020 (exc)
microsoft windows_10_1809 to 10.0.17763.9020 (exc)
microsoft windows_server_2016 to 10.0.14393.9339 (exc)
microsoft windows_server_2019 to 10.0.17763.9020 (exc)
microsoft windows_server_2022 to 10.0.20348.5386 (exc)
microsoft windows_server_2025 to 10.0.26100.33158 (exc)
microsoft windows_11_26h1 to 10.0.28000.2525 (exc)
microsoft windows_11_24h2 to 10.0.26100.8875 (exc)
microsoft windows_11_24h2 to 10.0.26100.8875 (exc)
microsoft windows_10_21h2 to 10.0.19044.7548 (exc)
microsoft windows_10_21h2 to 10.0.19044.7548 (exc)
microsoft windows_10_21h2 to 10.0.19044.7548 (exc)
microsoft windows_10_22h2 to 10.0.19045.7548 (exc)
microsoft windows_10_22h2 to 10.0.19045.7548 (exc)
microsoft windows_10_22h2 to 10.0.19045.7548 (exc)
microsoft windows_11_25h2 to 10.0.26200.8875 (exc)
microsoft windows_11_25h2 to 10.0.26200.8875 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-50697 is a vulnerability in the Windows Common Log File System Driver. It involves the exposure of sensitive information to an unauthorized actor. This flaw allows an attacker who already has authorized access to the system to elevate their privileges locally, meaning they can gain higher-level permissions than they were originally granted.

The vulnerability is classified as an elevation of privilege (EoP) issue, which means it does not allow remote exploitation but can be used by an attacker who has some level of access to the system to gain further control.

Impact Analysis

If you are affected by this vulnerability, an attacker with local access to your system could exploit it to elevate their privileges. This could lead to several potential impacts:

  • Unauthorized access to sensitive data stored on the system, as the attacker could gain higher privileges to read or modify files.
  • Execution of arbitrary code with elevated permissions, potentially allowing the attacker to install malware, create new user accounts, or disable security controls.
  • Compromise of the entire system, as the attacker could gain administrative or SYSTEM-level privileges, leading to full control over the affected machine.

This vulnerability is particularly dangerous in environments where multiple users share a system or where untrusted users have local access.

Compliance Impact

This vulnerability could have implications for compliance with several standards and regulations, depending on the context of the affected system:

  • GDPR (General Data Protection Regulation): If the system stores or processes personal data of EU citizens, an attacker exploiting this vulnerability could gain unauthorized access to that data. This could lead to a data breach, which must be reported under GDPR. Failure to protect against such vulnerabilities could result in fines or penalties for non-compliance.
  • HIPAA (Health Insurance Portability and Accountability Act): For systems handling protected health information (PHI), this vulnerability could allow an attacker to access or modify sensitive patient data. This would constitute a breach under HIPAA, requiring notification and potentially leading to penalties if proper safeguards were not in place.
  • Other standards like PCI DSS (Payment Card Industry Data Security Standard): If the system processes payment card data, this vulnerability could lead to unauthorized access to cardholder data, violating PCI DSS requirements and potentially resulting in fines or loss of payment processing capabilities.

Organizations should assess whether their systems are affected by this vulnerability and apply patches or mitigations promptly to avoid compliance risks.

Mitigation Strategies

Apply the security update provided by Microsoft to address CVE-2026-50697. This update will patch the vulnerability in the Windows Common Log File System Driver.

Ensure that all systems running affected versions of Windows are updated as soon as possible to prevent potential exploitation.

  • Visit the Microsoft Update Guide for CVE-2026-50697 to download and install the latest security patches.
  • Monitor Microsoft's official communications for any additional guidance or updates related to this vulnerability.
Detection Guidance

Detection requires monitoring for unusual privilege escalation attempts or unauthorized access to sensitive information in Windows Common Log File System Driver logs. Check for unexpected system calls or log file modifications using built-in Windows tools like Event Viewer or PowerShell commands to audit driver activity.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-50697. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart