Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

CVE-2026-33821: Microsoft Dynamics 365 Customer Insights Privilege Escalation

CVE-2026-33821

Summary

An attacker with authorized access to Microsoft Dynamics 365 Customer Insights can potentially gain higher-level access to the system, allowing them to view or modify sensitive data. This is a concern because it could lead to unauthorized changes or data breaches. To address this, ensure your organization is using the latest version of Microsoft Dynamics 365 Customer Insights and consider implementing additional access controls to limit user privileges.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions
microsoft	dynamics_365_customer_insights	All versions `cpe:2.3:a:microsoft:dynamics_365_customer_insights:-:::::::*`

Original title

Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.

Original description

Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.

nvd CVSS3.1 7.7

Vulnerability type

CWE-269 Improper Privilege Management

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33821

Published: 12 May 2026 · Updated: 31 May 2026 · First seen: 13 May 2026