CVE-2026-50656
Received Received - Intake
Elevation of Privilege in Microsoft Defender Malware Protection Engine

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: Microsoft Corporation

Description
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-16
Last Modified
2026-06-16
Generated
2026-06-16
AI Q&A
2026-06-16
EPSS Evaluated
N/A
NVD
CVE-2026-50656
EUVD
EUVD-2026-37141
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
microsoft malware_protection_engine *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-59 The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an elevation of privilege issue in the Microsoft Malware Protection Engine within Microsoft Defender, known publicly as "RoguePlanet".

Elevation of privilege means that an attacker could gain higher-level permissions than intended, potentially allowing them to perform unauthorized actions on the affected system.

Impact Analysis

The vulnerability can allow an attacker with limited privileges to elevate their permissions, which could lead to full control over the affected system.

According to the CVSS score of 7.8, the impact includes high confidentiality, integrity, and availability risks, meaning sensitive data could be exposed or altered, and system availability could be compromised.

Mitigation Strategies

Microsoft is working to provide a high quality security update that addresses this vulnerability.

Until the update is available, no specific mitigation steps have been provided.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-50656. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart