Duty Analyst: Joseph McCarthy

CVE-2026-50656

Published: 2026-06-16 19:17:00 | Last modified: 2026-07-09 00:17:27

HIGH CVSS 7.8
No EPSS data

Description

Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ".

CVSS details

Severity
high
Score
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

This CVE is not currently listed in the EPSS dataset.

Show JSON
{
    "cve": {
        "id": "CVE-2026-50656",
        "cveTags": [],
        "metrics": {
            "ssvcV203": [
                {
                    "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                    "ssvcData": {
                        "id": "CVE-2026-50656",
                        "role": "CISA Coordinator",
                        "options": [
                            {
                                "exploitation": "poc"
                            },
                            {
                                "automatable": "no"
                            },
                            {
                                "technicalImpact": "total"
                            }
                        ],
                        "version": "2.0.3",
                        "timestamp": "2026-06-16T00:00:00+00:00"
                    }
                }
            ],
            "cvssMetricV31": [
                {
                    "type": "Secondary",
                    "source": "secure@microsoft.com",
                    "cvssData": {
                        "scope": "UNCHANGED",
                        "version": "3.1",
                        "baseScore": 7.8,
                        "attackVector": "LOCAL",
                        "baseSeverity": "HIGH",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                        "integrityImpact": "HIGH",
                        "userInteraction": "NONE",
                        "attackComplexity": "LOW",
                        "availabilityImpact": "HIGH",
                        "privilegesRequired": "LOW",
                        "confidentialityImpact": "HIGH"
                    },
                    "impactScore": 5.9,
                    "exploitabilityScore": 1.8
                },
                {
                    "type": "Primary",
                    "source": "nvd@nist.gov",
                    "cvssData": {
                        "scope": "UNCHANGED",
                        "version": "3.1",
                        "baseScore": 7,
                        "attackVector": "LOCAL",
                        "baseSeverity": "HIGH",
                        "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                        "integrityImpact": "HIGH",
                        "userInteraction": "NONE",
                        "attackComplexity": "HIGH",
                        "availabilityImpact": "HIGH",
                        "privilegesRequired": "LOW",
                        "confidentialityImpact": "HIGH"
                    },
                    "impactScore": 5.9,
                    "exploitabilityScore": 1
                }
            ]
        },
        "affected": [
            {
                "source": "secure@microsoft.com",
                "affectedData": [
                    {
                        "vendor": "Microsoft",
                        "product": "Microsoft Malware Protection Engine",
                        "versions": [
                            {
                                "status": "affected",
                                "version": "1.1.0.0",
                                "lessThan": "1.1.26060.3008",
                                "versionType": "custom"
                            }
                        ]
                    }
                ]
            }
        ],
        "published": "2026-06-16T19:16:59.683",
        "references": [
            {
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50656",
                "tags": [
                    "Vendor Advisory"
                ],
                "source": "secure@microsoft.com"
            },
            {
                "url": "https://github.com/MSNightmare/RoguePlanet",
                "tags": [
                    "Product"
                ],
                "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
            }
        ],
        "vulnStatus": "Modified",
        "weaknesses": [
            {
                "type": "Secondary",
                "source": "secure@microsoft.com",
                "description": [
                    {
                        "lang": "en",
                        "value": "CWE-59"
                    }
                ]
            }
        ],
        "descriptions": [
            {
                "lang": "en",
                "value": "Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet "."
            }
        ],
        "lastModified": "2026-07-09T00:17:26.607",
        "configurations": [
            {
                "nodes": [
                    {
                        "negate": false,
                        "cpeMatch": [
                            {
                                "criteria": "cpe:2.3:a:microsoft:malware_protection_engine:-:*:*:*:*:*:*:*",
                                "vulnerable": true,
                                "matchCriteriaId": "1CF44512-0B67-4B5F-B271-C8CA45D30DA8"
                            }
                        ],
                        "operator": "OR"
                    }
                ]
            }
        ],
        "sourceIdentifier": "secure@microsoft.com"
    }
}