What is CVE-2026-33825?
Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.
Timeline
- 2026-04-22Added to the CISA Known Exploited Vulnerabilities (KEV) catalog
- 2026-05-06CISA federal remediation deadline (BOD 22-01)
- 2026-07-01First covered in a defend.network daily briefing
CISA Known Exploited Vulnerability
Microsoft Defender Insufficient Granularity of Access Control Vulnerability
Affected product
Microsoft Defender
Remediation Steps
- Apply the vendor security update for Microsoft Defender as a priority.
- Restrict network exposure of the affected service to trusted sources until patched.
- Review logs and detections for indicators of exploitation.
- Confirm fixed versions against the official vendor advisory before deploying.
References
Referenced in our briefings & reports
- Vulnerability Priority Report – Week 5 of June 2026 (June 29 – July 5)
- AI agent poisoning, Langflow RCE exploited: Microsoft warns data theft risks (2026-07-01)
Browse all tracked CVEs in the defend.network CVE database →
🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.