Severity by source
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Local low-priv attacker (AV:L/PR:L) must win a filesystem race to abuse link following (AC:H), and the SYSTEM-level engine yields total C/I/A within one system (S:U).
Primary rating from Vendor (microsoft).
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionNVD
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.
Articles & Coverage 1
AnalysisAI
Elevation of privilege in the Microsoft Malware Protection Engine (mpengine) - the scanning core shared by Microsoft Defender Antivirus - allows a low-privileged local user, tracked publicly as "RoguePlanet", to gain SYSTEM-level control by abusing how the engine resolves file links (CWE-59). Because the engine runs with the highest privileges, successful exploitation yields total loss of confidentiality, integrity, and availability. Publicly available exploit code exists (MSNightmare/RoguePlanet on GitHub) and SSVC rates technical impact as total, but there is no CISA KEV listing and EPSS is low (0.39%, 30th percentile), indicating no evidence of widespread active exploitation yet.
Technical ContextAI
The Microsoft Malware Protection Engine (mpengine.dll) is the common scanning and detection component behind Microsoft Defender Antivirus, Security Essentials, and related Microsoft anti-malware products; it runs as a highly privileged service so it can inspect and quarantine files anywhere on disk. The CWE-59 root cause (improper link resolution / link following) means the engine can be tricked into following an attacker-controlled symbolic link, junction, or hard link so that a privileged file operation - such as writing, moving, or acting on a quarantined/scanned file - is redirected to a location the attacker could not otherwise reach. The affected CPE is cpe:2.3:a:microsoft:microsoft_malware_protection_engine, confirming the flaw lives in the shared engine rather than a specific Defender UI build. Symlink-following classes of bugs in privileged antivirus services are a well-known local privilege-escalation primitive because the security product itself supplies the high-privilege context.
RemediationAI
Patch available per vendor advisory (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50656); no discrete fixed engine version number is published in the provided data because the Malware Protection Engine updates automatically. The primary action is to ensure the engine self-updates: confirm systems are running an engine version at or above the one Microsoft ships for this CVE by verifying Defender platform/engine currency (for example via 'Get-MpComputerStatus' and checking AMEngineVersion, or Update-MpSignature to force an update), and confirm managed/air-gapped endpoints that pull engine updates through WSUS/SCCM/Intune actually received the new engine. As a compensating control on multi-user hosts while confirming the engine version, restrict interactive local logon of low-privileged and untrusted users (this bug requires local low-privileged access, so limiting who can run code locally directly reduces exposure) - the trade-off is reduced shared-host usability. Since exploitation depends on filesystem link manipulation, monitoring for symlink/junction creation and unexpected mpengine file operations can aid detection, though it does not prevent the flaw.
Local code execution in Microsoft Defender (Microsoft Malware Protection Engine) allows an unauthorized attacker to run
Local code execution in Microsoft Defender's Malware Protection Engine (mpengine) arises from an integer underflow (CWE-
Same weakness CWE-59 – Improper Link Resolution Before File Access
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37141
GHSA-hgx9-224c-3p2x