CVE-2026-48581
Surface Broker SDMA Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
Insufficient granularity of access control in Microsoft Surface allows an authorized attacker to elevate privileges locally.
| Vendor | microsoft |
| Product | microsoft surface go |
| Ecosystems | |
| Industries | TechnologyEnterprise |
| Published | Jul 14, 2026 |
| Last Updated | Jul 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for microsoft microsoft surface go
Be the first to know when new high vulnerabilities affecting microsoft microsoft surface go are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Microsoft / Microsoft Surface Go
-
Microsoft / Microsoft Surface Hub
-
Microsoft / Microsoft Surface Laptop Go
-
Microsoft / Microsoft Surface Laptop Go 3
-
Microsoft / Microsoft Surface Pro
-
Microsoft / Microsoft Surface Pro 8
-
Microsoft / Surface Laptop 4 with AMD Processor
-
Microsoft / Surface Laptop 4 with Intel Processor
-
Microsoft / Surface Windows Dev Kit
-