Multiple CVEs Affect Windows Drivers with Race Condition Vulnerabilities

Severity: Medium (Score: 57.8)

Sources: Api.Msrc.Microsoft

Summary

Two critical vulnerabilities have been identified in Windows drivers, both published on May 12, 2026. CVE-2026-32161 affects the Windows Native WiFi Miniport Driver, allowing unauthorized attackers to execute code over adjacent networks. CVE-2026-34345 impacts the Windows Ancillary Function Driver for WinSock, enabling authorized attackers to elevate privileges locally. Both vulnerabilities arise from improper synchronization in concurrent execution using shared resources, known as race conditions. The scope of impact includes systems running affected versions of Windows. Immediate action is recommended to mitigate potential exploitation. No active exploitation has been reported as of the publication date. Users are advised to monitor for updates and apply patches as they become available. Key Points: • CVE-2026-32161 allows unauthorized code execution via WiFi Miniport Driver. • CVE-2026-34345 enables local privilege escalation through Ancillary Function Driver. • Both vulnerabilities stem from race conditions in Windows drivers.

Key Entities

• Privilege Escalation (attack_type)
• Zero-day Exploit (attack_type)
• Cwe-362 - Race Condition (cwe)
• T1068 - Exploitation for Privilege Escalation (mitre_attack)
• Windows (platform)