CVE-2026-20876
VBS Enclave — heap-based buffer overflow allows elevation of privilege
Summary
| Field | Value |
|---|---|
| Driver | VBS Enclave (Virtualization-Based Security) |
| Vulnerability Class | Buffer Overflow (Heap) |
| CVSS | 7.8 |
| Exploited ITW | No |
| Patch Date | January 13, 2026 |
Root Cause
A heap-based buffer overflow in the VBS Enclave component occurs during enclave memory operations. Missing bounds validation allows writing past allocated buffer boundaries within the VBS enclave context.
Exploitation
The attacker triggers the heap overflow through crafted enclave operations. The overflow corrupts enclave memory structures for privilege escalation.
Exploitation Primitive
Crafted enclave operation → heap buffer overflow
→ enclave memory corruption → privilege escalation