Apr 2026: Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVE-2026-32093 Published on April 14, 2026
Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
Weakness Types
What is a Race Condition Vulnerability?
The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.
CVE-2026-32093 has been classified to as a Race Condition vulnerability or weakness.
What is a TOCTTOU Vulnerability?
The software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the software to perform invalid actions when the resource is in an unexpected state. This weakness can be security-relevant when an attacker can influence the state of the resource between check and use. This can happen with shared resources such as files, memory, or even variables in multithreaded programs.
CVE-2026-32093 has been classified to as a TOCTTOU vulnerability or weakness.
Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Products Associated with CVE-2026-32093
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft Windows 10 Version 1607:- Version 10.0.14393.0 and below 10.0.14393.9060 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8644 is affected.
- Version 10.0.19044.0 and below 10.0.19044.7184 is affected.
- Version 10.0.19045.0 and below 10.0.19045.7184 is affected.
- Version 10.0.22631.0 and below 10.0.22631.6936 is affected.
- Version 10.0.22631.0 and below 10.0.22631.6936 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32690 is affected.
- Version 10.0.26200.0 and below 10.0.26200.8246 is affected.
- Version 10.0.28000.0 and below 10.0.28000.1836 is affected.
- Version 6.2.9200.0 and below 6.2.9200.26026 is affected.
- Version 6.2.9200.0 and below 6.2.9200.26026 is affected.
- Version 6.3.9600.0 and below 6.3.9600.23132 is affected.
- Version 6.3.9600.0 and below 6.3.9600.23132 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9060 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9060 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8644 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8644 is affected.
- Version 10.0.20348.0 and below 10.0.20348.5020 is affected.
- Version 10.0.25398.0 and below 10.0.25398.2274 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32690 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32690 is affected.