CVE-2026-33825

HIGH KEV

Microsoft Defender Elevation of Privilege Vulnerability

Title source: cna

Description

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Exploits (3)

nomisec SUSPICIOUS
by Bilal3755 · poc
https://github.com/Bilal3755/Detecting_blue_hammer_vuln

nomisec WRITEUP
by Letlaka · poc
https://github.com/Letlaka/redsun-bluehammer-undefend-detection-pack

Scores

CVSS v3 7.8
EPSS 0.0382
EPSS Percentile 88.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2026-04-22
VulnCheck KEV 2026-04-16
ENISA EUVD EUVD-2026-22643
CWE CWE-1220
Status published
Products (2)
microsoft/defender_antimalware_platform < 4.18.26030.3011
Microsoft/Microsoft Defender Antimalware Platform 4.0.0.0 - 4.18.26030.3011
Published Apr 14, 2026
KEV Added Apr 22, 2026
Tracked Since Apr 14, 2026