CVE Catalog
CVE-2026-45647
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk0.17%
7th percentile - higher than 7% of all known CVEs
Summary
A time-of-check time-of-use (TOCTOU) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
Risk Assessment
An attacker with appropriate permissions can exploit this vulnerability to gain higher privileges, potentially leading to serious security breaches in the system.
Recommendation
It is recommended to update Microsoft Defender for Endpoint to the latest version to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.

