CVE-2026-20823 is a vulnerability classified under CWE-200, indicating exposure of sensitive information to unauthorized actors. It affects Microsoft Windows 10 Version 1607 (build 10.0.14393.0), specifically through Windows File Explorer. The vulnerability allows an attacker with local privileges to disclose sensitive information without user interaction. The CVSS 3.1 base score is 5.5 (medium severity), with vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, meaning the attack requires local access, low complexity, privileges, no user interaction, and impacts confidentiality highly while not affecting integrity or availability. The flaw likely arises from improper access control or information leakage in the File Explorer component, enabling an authorized user to access data they should not be able to see. No public exploits or patches are currently documented, but the vulnerability is officially published and recognized. This vulnerability primarily threatens confidentiality of sensitive data on affected systems, especially in environments where legacy Windows 10 Version 1607 remains in use.

The primary impact of CVE-2026-20823 is unauthorized disclosure of sensitive information on affected Windows 10 Version 1607 systems. Organizations running this legacy OS version risk exposure of confidential data to local attackers who have some level of system access, such as lower-privileged users or insiders. This could lead to leakage of personal data, intellectual property, or security-sensitive information, potentially facilitating further attacks or compliance violations. Since the vulnerability does not affect system integrity or availability, it does not directly enable system compromise or denial of service. However, the confidentiality breach can undermine trust, regulatory compliance, and operational security. The impact is more pronounced in environments where Windows 10 Version 1607 remains in use due to legacy application dependencies or delayed upgrade cycles, including industrial control systems, government agencies, and enterprises with slow patch management. The absence of known exploits reduces immediate risk but does not eliminate potential targeted attacks.

To mitigate CVE-2026-20823, organizations should prioritize upgrading from Windows 10 Version 1607 to a supported and actively maintained Windows version, as this legacy build no longer receives security updates. If upgrading is not immediately feasible, organizations should implement strict access controls to limit local user privileges and restrict access to sensitive data within File Explorer. Employing application whitelisting and endpoint detection can help monitor and prevent unauthorized local activities. Regular auditing of user permissions and file access logs can detect anomalous behavior indicative of exploitation attempts. Network segmentation and use of least privilege principles reduce the risk of lateral movement by attackers with local access. Additionally, organizations should stay alert for any patches or security advisories from Microsoft addressing this vulnerability and apply them promptly once available. User education on the risks of local privilege misuse and insider threats also supports mitigation efforts.