Csa.Sg
Critical Vulnerability Discovered in WinFsp File System Software
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
The Cyber Security Agency (CSA) has issued a CVE ID (CVE-2026-7162) for a critical vulnerability in WinFsp, an open-source Windows file system software. This integer overflow vulnerability could allow attackers to gain system-level access to affected systems. The vulnerability impacts WinFsp versions 2.2.26112 and earlier, and has a CVSS score of 7.8, indicating a high severity level. Users and administrators are strongly advised to update to the latest version immediately to mitigate risks. The Product Owner of WinFsp has already released a security update to address this issue. The vulnerability was disclosed as part of CSA's Responsible Vulnerability Disclosure Policy. Immediate action is recommended to prevent potential exploitation.
Key Points: • CVE-2026-7162 identifies a critical integer overflow vulnerability in WinFsp. • Affected versions include WinFsp 2.2.26112 and earlier, with a CVSS score of 7.8. • Users must update to the latest version immediately to avoid system-level access risks.