← Back to Vulnerability Reports CVE Intelligence

CVE-2026-33825

Microsoft Defender In the wild In CISA KEV

What is CVE-2026-33825?

Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.

CVSSawaiting NVD
Exploitation In the wild In CISA KEV
EPSS7% · P93
Triage statusActive Exploit
ActionPatch immediately

Timeline

  • 2026-04-22Added to the CISA Known Exploited Vulnerabilities (KEV) catalog
  • 2026-05-06CISA federal remediation deadline (BOD 22-01)
  • 2026-07-01First covered in a defend.network daily briefing

CISA Known Exploited Vulnerability

Microsoft Defender Insufficient Granularity of Access Control Vulnerability

Added to KEV2026-04-22
Federal patch deadline2026-05-06
Known ransomware useKnown

Affected product

Microsoft Defender

Remediation Steps

  1. Apply the vendor security update for Microsoft Defender as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

Browse all tracked CVEs in the defend.network CVE database →

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.

Get Critical CVE Alerts

Subscribe free and hear about actively exploited CVEs like this one first.