Microsoft
CVE-2026-21533
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
Articles & Coverage 1
AnalysisAI
Windows Remote Desktop contains an improper privilege management vulnerability (CVE-2026-21533, CVSS 7.8) enabling authorized local attackers to escalate to SYSTEM. KEV-listed, this vulnerability in the RDP subsystem is particularly concerning in environments where Remote Desktop is widely used, as it can be chained with RDP session access for complete system compromise.
Technical ContextAI
The Remote Desktop subsystem in Windows improperly manages privileges for certain operations, allowing an authorized user to escalate to SYSTEM. In environments using Remote Desktop Services, this vulnerability is particularly impactful because any user with RDP access can potentially achieve full system control. The vulnerability is local but RDP provides the remote access vector.
RemediationAI
Apply Microsoft security update. Enforce NLA (Network Level Authentication) for RDP. Implement MFA for RDP access. Restrict RDP access to required users only. Monitor for privilege escalation following RDP sessions.
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today