CVE-2026-21533

Analyzed
Published: 10 Feb 2026, 17:51
Last modified: 27 Mar 2026, 20:40

Vulnerability Summary

Overall Risk (default): medium, 36/100
CVSS Score: 7.8 HIGH, v3.1 (cve.org)
EPSS Score: 22.71% HIGH, 23% probability +2.42%
KEV: Listed (CISA, 1 listing)
Ransomware: No reports
Public exploits: None found
Dark Web: Not detected

Timeline

10 Feb 2026, 17:51
Published
Vulnerability first disclosed
10 Feb 2026, 00:00
Added to CISA KEV
Microsoft Windows Improper Privilege Management Vulnerability
03 Mar 2026, 00:00
CISA Remediation Due
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
27 Mar 2026, 20:40
Last Modified
Vulnerability information updated

Description

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

CVSS Metrics

  • v3.1 HIGH Score: 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
  • v3.1 HIGH Score: 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 22.71% Percentile: 96%

Techniques & Countermeasures

  • CWE-269 Improper Privilege Management

    The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Systems

  • microsoft windows_10_1607

    < 10.0.14393.8868

  • microsoft windows_10_1809

    < 10.0.17763.8389

  • microsoft windows_10_21h2

    < 10.0.19044.6937

  • microsoft windows_10_22h2

    < 10.0.19045.6937

  • microsoft windows 10 version 1607

    ≥ 10.0.14393.0, < 10.0.14393.8868

  • microsoft windows 10 version 1809

    ≥ 10.0.17763.0, < 10.0.17763.8389

  • microsoft windows 10 version 21h2

    ≥ 10.0.19044.0, < 10.0.19044.6937

  • microsoft windows 10 version 22h2

    ≥ 10.0.19045.0, < 10.0.19045.6937

  • microsoft windows_11_23h2

    < 10.0.22631.6649

  • microsoft windows_11_24h2

    < 10.0.26100.7781

  • microsoft windows_11_25h2

    < 10.0.26200.7781

  • microsoft windows 11 version 22h3

    ≥ 10.0.22631.0, < 10.0.22631.6649

  • microsoft windows 11 version 23h2

    ≥ 10.0.22631.0, < 10.0.22631.6649

  • microsoft windows 11 version 24h2

    ≥ 10.0.26100.0, < 10.0.26100.7840

  • microsoft windows 11 version 25h2

    ≥ 10.0.26200.0, < 10.0.26200.7840

  • microsoft windows 11 version 26h1

    ≥ 10.0.28000.0, < 10.0.28000.1575

  • microsoft windows server 2012

    ≥ 6.2.9200.0, < 6.2.9200.25923 | na | r2

  • microsoft windows server 2012 r2

    ≥ 6.3.9600.0, < 6.3.9600.23022

  • microsoft windows server 2012 r2 (server core installation)

    ≥ 6.3.9600.0, < 6.3.9600.23022

  • microsoft windows server 2012 (server core installation)

    ≥ 6.2.9200.0, < 6.2.9200.25923

  • microsoft windows server 2016

    ≥ 10.0.14393.0, < 10.0.14393.8868 | < 10.0.14393.8868

  • microsoft windows server 2016 (server core installation)

    ≥ 10.0.14393.0, < 10.0.14393.8868

  • microsoft windows server 2019

    ≥ 10.0.17763.0, < 10.0.17763.8389 | < 10.0.17763.8389

  • microsoft windows server 2019 (server core installation)

    ≥ 10.0.17763.0, < 10.0.17763.8389

  • microsoft windows server 2022

    ≥ 10.0.20348.0, < 10.0.20348.4773 | < 10.0.20348.4711

  • microsoft windows_server_2022_23h2

    < 10.0.25398.2149

  • microsoft windows server 2022, 23h2 edition (server core installation)

    ≥ 10.0.25398.0, < 10.0.25398.2149

  • microsoft windows server 2025

    ≥ 10.0.26100.0, < 10.0.26100.32370 | < 10.0.26100.32313

  • microsoft windows server 2025 (server core installation)

    ≥ 10.0.26100.0, < 10.0.26100.32370

References (4)