Microsoft Devices Pricing Program Allows Hackers to Run Malicious Code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.8

Microsoft Devices Pricing Program Allows Hackers to Run Malicious Code

CVE-2026-21536

Summary

A weakness in the Microsoft Devices Pricing Program allows attackers to execute unauthorized code on a device. This could enable them to steal sensitive information or take control of the device. Update your system to the latest version to prevent exploitation.

Original title

Microsoft Devices Pricing Program Remote Code Execution Vulnerability

Original description

Microsoft Devices Pricing Program Remote Code Execution Vulnerability

nvd CVSS3.1 9.8

Vulnerability type

CWE-434 Unrestricted File Upload

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21536

Published: 5 Mar 2026 · Updated: 14 Mar 2026 · First seen: 6 Mar 2026