{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20803", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2025-12-03T05:54:20.370Z", "datePublished": "2026-01-13T17:56:06.184Z", "dateUpdated": "2026-04-01T13:48:15.136Z"}, "containers": {"cna": {"title": "Microsoft SQL Server Elevation of Privilege Vulnerability", "datePublic": "2026-01-13T16:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "versionStartIncluding": "16.0.0", "versionEndExcluding": "16.0.1165.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*", "versionStartIncluding": "17.0.1050.2", "versionEndExcluding": "17.0.1050.2"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "versionStartIncluding": "16.0.0.0", "versionEndExcluding": "16.0.4230.2"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "16.0.0", "lessThan": "16.0.1165.1", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 22)", "versions": [{"version": "16.0.0.0", "lessThan": "16.0.4230.2", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)", "versions": [{"version": "17.0.1050.2", "lessThan": "17.0.1050.2", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-306: Missing Authentication for Critical Function", "lang": "en-US", "type": "CWE", "cweId": "CWE-306"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-01T13:48:15.136Z"}, "references": [{"name": "Microsoft SQL Server Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20803"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20803", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-14T04:56:58.655928Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T15:04:41.325Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20803", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-14T04:56:58.655928Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-13T19:41:13.468Z"}}], "cna": {"title": "Microsoft SQL Server Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 (GDR)", "versions": [{"status": "affected", "version": "16.0.0", "lessThan": "16.0.1165.1", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 22)", "versions": [{"status": "affected", "version": "16.0.0.0", "lessThan": "16.0.4230.2", "versionType": "custom"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)", "versions": [{"status": "affected", "version": "17.0.1050.2", "lessThan": "17.0.1050.2", "versionType": "custom"}]}], "datePublic": "2026-01-13T16:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20803", "name": "Microsoft SQL Server Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306: Missing Authentication for Critical Function"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "16.0.1165.1", "versionStartIncluding": "16.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "17.0.1050.2", "versionStartIncluding": "17.0.1050.2"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "16.0.4230.2", "versionStartIncluding": "16.0.0.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-01T13:48:15.136Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20803", "state": "PUBLISHED", "dateUpdated": "2026-04-01T13:48:15.136Z", "dateReserved": "2025-12-03T05:54:20.370Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-01-13T17:56:06.184Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "matchCriteriaId": "571B6885-6FD3-4E3F-A22A-583A0029F20A", "versionEndExcluding": "16.0.1165.1", "versionStartIncluding": "16.0.1000.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "matchCriteriaId": "B984CC39-AE9C-4F8E-B316-94EFF9462148", "versionEndExcluding": "16.0.4230.2", "versionStartIncluding": "16.0.4003.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2025:17.0.1000.7:*:*:*:*:*:x64:*", "matchCriteriaId": "E722BA1A-A8E8-486E-8D8E-6F9B7DD2B556", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network."}], "id": "CVE-2026-20803", "lastModified": "2026-01-16T14:35:02.720", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-01-13T18:16:06.630", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20803"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "secure@microsoft.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-16T08:42:04.536236+00:00", "value": {"mitigation_remediation": ["Download and install the security update for Microsoft SQL Server\u202f2022 and\u202f2025 that addresses CVE\u20112026\u201120803 from Microsoft\u2019s update guide.", "Review database role permissions and ensure only necessary users have the roles that can invoke the vulnerable function, applying the principle of least privilege.", "Apply network segmentation and firewall rules to limit exposure of SQL Server to trusted subnets and reduce the attack surface for privilege escalation."], "summary": {"action": "Patch Immediately", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Microsoft SQL Server 2022 (GDR) and the x64-based version with CU\u202f22, as well as Microsoft SQL Server\u202f2025 (GDR). The affected releases include the 17.0.1000.7 build for the x64 platform.", "description_and_impact": "The vulnerability is a missing authentication check for a critical function in Microsoft SQL Server. An attacker who already has some level of authorized access can exploit the flaw to elevate their privileges within the database engine. This elevated privilege can lead to unauthorized data access, modification, or further attacks on the broader network, compromising confidentiality, integrity, and availability.", "risk_and_exploitability": "The CVSS score is 7.2, reflecting a high severity, while the EPSS score is less than\u202f1%, indicating that, as of now, exploitation is unlikely to be widely observed. The vulnerability is not listed in the CISA KEV catalog, further suggesting low exploit visibility. The attack vector is likely remote network\u2011based, requiring the attacker to first authenticate to the SQL Server instance. Once authenticated, the attacker can invoke the vulnerable function and gain privileges beyond those originally granted."}}}}, "created": "2026-04-16T08:45:26.261258+00:00", "updated": "2026-04-16T08:45:26.261268+00:00", "vendors": []}