CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-33825

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.048

EPSS Ranking 89.6%

CVSS Severity

CVSS v3 Score 7.8

Proposed Action

Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.

Ransomware Campaign

Unknown

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-33825
https://www.huntress.com/blog/nightmare-eclipse-intrusion

Products affected by CVE-2026-33825

Microsoft » Defender Antimalware Platform » Version: Any

cpe:2.3:a:microsoft:defender_antimalware_platform:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33825

Products

Pricing

Contact Us