CNNVD-202601-2120 Information

Jan 13, 2026 cve

CNNVD ID

CNNVD-202601-2120

CVE-2026-20854

  • CNNVD Published: 2026-01-13

Description (Chinese)

Microsoft Windows是美国微软(Microsoft)公司的一套个人设备使用的操作系统。 Microsoft Windows存在资源管理错误漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响:Windows Server 2025 (Server Core installation),Windows 11 Version 25H2 for ARM64-based Systems,Windows 11 Version 25H2 for x64-based Systems,Windows 11 Version 24H2 for ARM64-based Systems,Windows 11 Version 24H2 for x64-based Systems,Windows Server 2025。

Description (English)

Microsoft Windows is an operating system used by Microsoft (MS) in the United States of America for personal equipment. Microsoft Windows has an error in resource management. The attackers used the loophole to implement the code remotely. The following products and versions were affected: Windows Server 2025 (Server Core integration), Windows 11 Version 25H2 for ARM 64-based Systems, Windows 11 Version 25H2 for x64-based Systems, Windows 11 Version 24H2 for ARM 64-based Systems, Windows 11 Version 24H2 for ARM 64-based Systems, Windows 11 Version 24H2 for x64-based Systems, Windows 2025.

Hazard Level

Medium

Vulnerability Type

资源管理错误

Affected Vendor

微软

Published

2026-01-13

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20854

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20854

Share on: