High severity7.8CISA KEVNVD Advisory· Published Apr 14, 2026· Updated Apr 23, 2026
CVE-2026-33825
CVE-2026-33825
Description
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.
Affected products
1- cpe:2.3:a:microsoft:defender_antimalware_platform:*:*:*:*:*:*:*:*Range: <4.18.26030.3011
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825nvdVendor Advisory
- www.huntress.com/blog/nightmare-eclipse-intrusionnvdThird Party Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource