{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/dynamics-365-customer-insights/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.7,"id":"CVE-2026-33821"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Dynamics 365 Customer Insights"],"_cs_severities":["high"],"_cs_tags":["privilege-escalation","cve-2026-33821","dynamics365"],"_cs_type":"threat","_cs_vendors":["Microsoft"],"content_html":"\u003cp\u003eCVE-2026-33821 is a high-severity vulnerability affecting Microsoft Dynamics 365 Customer Insights. The vulnerability stems from improper privilege management within the application. An authorized attacker who successfully exploits this vulnerability can elevate their privileges over a network. This could allow the attacker to perform actions they are normally not authorized to do, potentially leading to data breaches, service disruption, or other malicious activities. Microsoft has released a patch to address this vulnerability. 
Defenders should apply the patch as soon as possible to mitigate the risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn authorized user gains initial access to Microsoft Dynamics 365 Customer Insights.\u003c/li\u003e\n\u003cli\u003eThe attacker identifies an endpoint or function vulnerable to privilege escalation (CVE-2026-33821).\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious request to exploit the improper privilege management.\u003c/li\u003e\n\u003cli\u003eThe request is sent to the targeted endpoint, bypassing normal access controls.\u003c/li\u003e\n\u003cli\u003eThe application incorrectly grants elevated privileges to the attacker\u0026rsquo;s session.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the elevated privileges to access sensitive data or administrative functions.\u003c/li\u003e\n\u003cli\u003eThe attacker further compromises the system by modifying data or configurations.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-33821 can lead to unauthorized access to sensitive customer data, modification of configurations, and potential disruption of Microsoft Dynamics 365 Customer Insights services. The impact includes potential data breaches, compliance violations, and reputational damage. The scope of the impact depends on the level of privileges the attacker gains and the sensitivity of the data they access.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the security update released by Microsoft to patch CVE-2026-33821 on all Microsoft Dynamics 365 Customer Insights instances immediately.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for suspicious activity related to privilege escalation attempts, specifically targeting Dynamics 365 Customer Insights. 
Deploy the Sigma rules provided in this brief to your SIEM and tune for your environment.\u003c/li\u003e\n\u003cli\u003eReview and enforce strict least-privilege access controls within Dynamics 365 Customer Insights to limit the potential impact of successful exploitation.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-12T18:19:12Z","date_published":"2026-05-12T18:19:12Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-33821-dynamics365-privesc/","summary":"CVE-2026-33821 is a privilege escalation vulnerability in Microsoft Dynamics 365 Customer Insights, allowing an authorized attacker to elevate privileges over a network.","title":"CVE-2026-33821: Microsoft Dynamics 365 Customer Insights Privilege Escalation","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-33821-dynamics365-privesc/"}],"language":"en","title":"CraftedSignal Threat Feed — Dynamics 365 Customer Insights","version":"https://jsonfeed.org/version/1.1"}