CVE-2026-20819 - Vulnerability Details - OpenCVE

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 11 23h2 Windows 11 24h2 Windows 11 2h2

No data.

No data.

No data.

References

Link	Providers
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20819

History

Tue, 13 Jan 2026 18:15:00 +0000

Type	Values Removed	Values Added
Description		Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally.
Title		Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
First Time appeared		Microsoft Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows 11 2h2
Weaknesses		CWE-822
CPEs		cpe:2.3:o:microsoft:windows_11_23H2:::::::arm64:* cpe:2.3:o:microsoft:windows_11_23H2:::::::x64:* cpe:2.3:o:microsoft:windows_11_24H2:::::::arm64:* cpe:2.3:o:microsoft:windows_11_2H2:::::::x64:*
Vendors & Products		Microsoft Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows 11 2h2
References		https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20819
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C'}`

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2026-01-13T17:56:15.181Z

Updated: 2026-01-13T18:04:01.750Z

Reserved: 2025-12-03T05:54:20.373Z

Link: CVE-2026-20819

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-01-13T18:16:08.983

Modified: 2026-01-13T18:16:08.983

Link: CVE-2026-20819

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20819", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2025-12-03T05:54:20.373Z", "datePublished": "2026-01-13T17:56:15.181Z", "dateUpdated": "2026-01-13T18:04:01.750Z"}, "containers": {"cna": {"title": "Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability", "datePublic": "2026-01-13T08:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_2H2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "10.0.26200.0", "versionEndExcluding": "10.0.26200.7623"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.22631.0", "versionEndExcluding": "10.0.22631.6491"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "10.0.22631.0", "versionEndExcluding": "10.0.22631.6491"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.7623"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Windows 11 Version 25H2", "versions": [{"version": "10.0.26200.0", "lessThan": "10.0.26200.7623", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 version 22H3", "platforms": ["ARM64-based Systems"], "versions": [{"version": "10.0.22631.0", "lessThan": "10.0.22631.6491", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 23H2", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.22631.0", "lessThan": "10.0.22631.6491", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 24H2", "platforms": ["ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.7623", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-822: Untrusted Pointer Dereference", "lang": "en-US", "type": "CWE", "cweId": "CWE-822"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-01-13T18:04:01.750Z"}, "references": [{"name": "Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20819"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"}}]}}}