CVE-2026-33694

Description

This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges.

References

• https://tenable.com/security/tns-2026-12
• https://tenable.com/security/tns-2026-13