CVE-2025-26684

Summary

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Defender for Endpoint for Linux101.0.0 < 101.25032.0010affected

Weaknesses

  • CWE-73: CWE-73: External Control of File Name or Path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References