Microsoft Defender Privilege Elevation on Local Systems

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Microsoft Defender Privilege Elevation on Local Systems

CVE-2026-33825

Summary

A security weakness in Microsoft Defender allows an authorized user to gain higher access levels on a system. This could be exploited by an attacker who already has some level of access, potentially leading to unauthorized actions on the system. Microsoft should be contacted to determine the best course of action to address this issue.

Original title

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Original description

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-1220

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026