Jun 2026: Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
CVE-2026-45647 Published on June 9, 2026
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
Weakness Type
What is a TOCTTOU Vulnerability?
The software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the software to perform invalid actions when the resource is in an unexpected state. This weakness can be security-relevant when an attacker can influence the state of the resource between check and use. This can happen with shared resources such as files, memory, or even variables in multithreaded programs.
CVE-2026-45647 has been classified to as a TOCTTOU vulnerability or weakness.
Products Associated with CVE-2026-45647
Want to know whenever a new CVE is published for Microsoft Defender For Endpoint? stack.watch will email you.
Affected Versions
Microsoft Defender for Endpoint for Mac:- Version 101.0.0 and below 101.26042.0011 is affected.