CVE-2026-35433: .NET Elevation of Privilege Vulnerability

Overview

Severity

High (CVSS 7.3)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C

Category

Elevation of Privilege

Exploit Status

Not Exploited

Exploitation Likelihood

Unlikely

Patch Tuesday

2026-May

Released

2026-05-12

Last Updated

2026-06-17

EPSS Score

0.53% (percentile: 40.6%)

Description

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally.

FAQ

What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? Exploitation of this vulnerability requires that a user trigger the payload in the application. According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), and integrity (I:H), and some loss of availability (A:L). What does that mean for this vulnerability? An attacker who successfully exploited this vulnerability could view sensitive information (Confidentiality) and modify code in the repo, (Integrity), and they might be able to interfere with availability of the code (Availability).

Affected Products (30)

Developer Tools

• .NET 10.0 installed on Windows
• .NET 8.0 installed on Windows
• .NET 9.0 installed on Windows
• Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems
• Microsoft .NET Framework 4.8 on Windows Server 2016
• Microsoft .NET Framework 4.8 on Windows Server 2012
• Microsoft .NET Framework 4.8 on Windows Server 2012 R2
• Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for ARM64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022
• Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems
• Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems
• Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for ARM64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for x64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 26H1 for x64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for ARM64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for x64-based Systems
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025
• Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for ARM64-based Systems
• Microsoft .NET Framework 3.5 on Windows Server 2012
• Microsoft .NET Framework 3.5 on Windows Server 2012 R2

Security Updates (18)

• 5093446
• 5093447
• 5093448
• 5087065
• 5087067
• 5087063
• 5087066
• 5087068
• 5087064
• 5087061
• 5087059
• 5087053
• 5087051
• 5087055
• 5087058
• 5087054
• 5087048
• 5087049

Acknowledgments

Ky0toFu

Revision History

• 2026-05-12: Information published.
• 2026-05-14: Updated links to the .NET Framework security updates. Customers running these versions of .NET Framework are encouraged to install the updates for the indicated versions to be protected from this vulnerability.
• 2026-06-05: This CVE was updated to fix the download links for .NET Framework 3.8 & 4.81 installed on Windows Server 2025. Microsoft recommend installing the security update if you haven't done so already.
• 2026-06-17: This CVE was updated to remove Windows 11 (21H1 and 22H2) as impacted