CVE-2026-21533: Microsoft Windows Improper Privilege Management
Microsoft Windows Improper Privilege Management Vulnerability. Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.
- CISA KEV-listed (remediation due 2026-03-03)
- EPSS 20.2% (95.6% percentile)