Heap-based Buffer Overflow in Windows FTP Service by Microsoft
CVE-2026-49172
9.8CRITICAL
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-49172?
The vulnerability in the Windows FTP Service is a heap-based buffer overflow that enables an unauthorized attacker to execute arbitrary code remotely over a network. This exploit can lead to significant security risks, allowing attackers to potentially take control of affected systems. It is crucial for users to apply the necessary security updates to mitigate this risk adequately.
Affected Version(s)
Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.9339
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.9020
Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.7548