CVE-2011-2005CISA KEVEPSS p98.1%

CVE-2011-2005Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability

Microsoft / Ancillary Function Driver (afd.sys)

Description

afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.

Scoring

EPSS31.76% probability of exploitation · percentile 98.1% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2022-03-28

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerabilitykev-cve-2011-20050%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Microsoft Windows Improper Input Validation Vulnerability
CVE
Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability
CVE
Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
CVE
Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
CVE
CVE-2026-41088
CVE
Microsoft Win32k Memory Corruption Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.