CVE-2026-20842
dwmcore.dll — elevation of privilege
Summary
| Field | Value |
|---|---|
| Driver | dwmcore.dll (Desktop Window Manager Core Library) |
| Vulnerability Class | Elevation of Privilege |
| CVSS | 7.8 |
| Exploited ITW | No |
| Patch Date | January 13, 2026 |
Root Cause
A vulnerability in the DWM Core Library allows a local attacker to escalate privileges. DWM runs as SYSTEM, so any code execution in the DWM process context yields full privileges.
Exploitation
The attacker sends crafted DWM operations to reach SYSTEM.
Exploitation Primitive
Crafted DWM operation → memory corruption
→ code execution in DWM (SYSTEM)