CVE-2026-53236: tcp: restrict SO_ATTACH_FILTER to priv users
CSIRTS triage
- What
- The tcp subsystem restricts SO_ATTACH_FILTER to privileged users only.
- Who is affected
- Users of the tcp subsystem.
- Urgency
- Remediation is high urgency due to the potential for privilege escalation, with a CVSS score of 7.
- Action
- Apply patches or updates that address CVE-2026-53236.
AI-assisted analysis generated from the source advisory — verify against the original.
Details
Original advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53236
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-532360.13% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-53236 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- unknownMultiple vulnerabilities in Microsoft Azure Linux (June 29, 2026)cert-fr-avis
Recent advisories for tcp
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- highCVE-2026-57023: An Improper Validation of Specified Quantity in Input vulnerability in the TCP proxy plugin of…nvd · 2026-07-09
- highCVE-2026-51606: An improper input handling vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1…nvd · 2026-07-09
- highCVE-2026-29008: U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcp_rx_state_mac…nvd · 2026-07-08
- mediumCVE-2026-29007: U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcp_rx_state_machin…nvd · 2026-07-08
- criticalCVE-2026-58127: PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaS…nvd · 2026-07-01
- criticalCVE-2026-56413: Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.…nvd · 2026-06-30
More from Microsoft Security Response Center
- unknownCVE-2026-13881: Chromium: CVE-2026-13881 Insufficient data validation in WebAppInstalls2026-07-02
- unknownCVE-2026-14125: Chromium: CVE-2026-14125 Uninitialized Use in ANGLE2026-07-02
- highCVE-2026-12064: proto-default skips SSH verification2026-07-02
- unknownCVE-2026-13871: Chromium: CVE-2026-13871 Insufficient data validation in GuestView2026-07-02
- criticalCVE-2026-57100: Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability2026-07-02