CVE-2026-35433 on ZX Cloud Securityhttps://zxcloudsecurity.co.uk/tags/cve-2026-35433/Recent content in CVE-2026-35433 on ZX Cloud SecurityHugoen-GBTue, 17 Jun 2025 14:00:00 +0000CVE-2026-35433: .NET Elevation of Privilege Flawhttps://zxcloudsecurity.co.uk/posts/cve-2026-35433-dotnet-elevation-of-privilege-vulnerability/Wed, 17 Jun 2026 14:00:00 +0000https://zxcloudsecurity.co.uk/posts/cve-2026-35433-dotnet-elevation-of-privilege-vulnerability/Microsoft updates CVE-2026-35433, a .NET Elevation of Privilege vulnerability, removing Windows 11 21H1 and 22H2 from the affected platforms list.🟠 High  |  Source: Microsoft Security Response Center

CVE-2026-35433 is an Elevation of Privilege vulnerability in .NET that allows an attacker to gain higher system permissions than intended. Microsoft has revised the advisory to clarify that Windows 11 versions 21H1 and 22H2 are no longer considered affected. Organisations running .NET on other impacted platforms should review their patch status promptly.

Security Architect’s Take: Audit your Azure-hosted workloads and CI/CD pipelines running .NET to confirm which runtime versions are deployed, and verify patched versions are in use. Remove Windows 11 21H1 and 22H2 from your affected-systems tracking if previously included.

Original advisory: CVE-2026-35433 .NET Elevation of Privilege Vulnerability

]]>