Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.
[POC] CVE-2026-33825 — CVE-2026-33825
CVE-2026-33825
[POC] CVE-2026-33825 — CVE-2026-33825
RedSun PoC for self use
[POC] CVE-2026-33825 — Detecting_blue_hammer_vuln
Threat hunting query for bluehammer CVE windows CVE-2026-33825
[POC] CVE-2026-33825 — redsun-bluehammer-undefend-detection-pack
Microsoft Defender XDR KQL detections for RedSun, BlueHammer, UnDefend, and CVE-2026-33825-related Defender abuse behaviors.