CVE-2026-33825: Microsoft Defender Insufficient Granularity of Access Control Vulnerability

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.
CVE-2026-33825CVSS 7.8CISA KEVWindows

CVE-2026-33825: Microsoft Defender Insufficient Granularity of Access Control Vulnerability

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

CVSS
7.8 HIGH
EPSS
93.17%
Known exploited
yes
Product
Defender

What is known

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Sources