CISA Adds Microsoft Defender Vulnerability CVE-2026-33825 to KEV Catalog
CISA has added CVE-2026-33825, a Microsoft Defender vulnerability, to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation.
CISA has added CVE-2026-33825, a Microsoft Defender vulnerability related to insufficient granularity of access control, to its Known Exploited Vulnerabilities (KEV) Catalog. This addition is based on evidence of active exploitation, indicating that malicious actors are actively leveraging this flaw. The KEV Catalog is a crucial resource for federal agencies, mandated by Binding Operational Directive (BOD) 22-01, to reduce the risk posed by known exploited vulnerabilities.
The vulnerability allows for an insufficient granularity of access control within Microsoft Defender, potentially enabling attackers to bypass security measures or gain elevated privileges. This type of vulnerability is identified as a frequent attack vector, posing significant risks to the federal enterprise. Successful exploitation could lead to unauthorized access, data breaches, or further compromise of systems.
Federal Civilian Executive Branch (FCEB) agencies are required by BOD 22-01 to remediate vulnerabilities listed in the KEV Catalog by a specified deadline. Organizations using Microsoft Defender should ensure their systems are updated and that appropriate security configurations are in place to prevent exploitation of this vulnerability.