Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability

8.8 / 10

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.

Visit Original Source

Basic Information

ID MS:CVE-2026-21537

Published Feb 10, 2026 at 08:00

{
    "lastseen": "2026-02-10T19:39:08",
    "description": "Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.\n",
    "published": "2026-02-10T08:00:00",
    "modified": "2026-02-10T08:00:00",
    "type": "mscve",
    "title": "Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability",
    "source": "",
    "references": "",
    "id": "MS:CVE-2026-21537",
    "bulletinFamily": "microsoft",
    "cwe": null,
    "cvelist": [
        "CVE-2026-21537"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-21537",
    "category_name": "News",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability_MS:CVE-2026-21537

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply