{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/sugodata/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-0000527c9be3","releaseDate":"2026-04-14T07:00:00-07:00","cveNumber":"CVE-2026-33824","cveTitle":"Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability","releaseNumber":"2026-Apr","vulnType":"Security Vulnerability","latestRevisionDate":"2026-04-14T07:00:00-07:00","description":"<p>Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.</p>\n","cweList":["CWE-415: Double Free"],"cweDetailsListForSearch":["cwe: CWE-415: Double Free","cweUrl: https://cwe.mitre.org/data/definitions/415.html"],"unformattedDescription":"Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.","mitreText":"CVE-2026-33824","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2026-33824","publiclyDisclosed":"No","exploited":"No","latestSoftwareReleaseId":2,"latestSoftwareRelease":"Exploitation Less Likely","olderSoftwareReleaseId":0,"denialOfService":"N/A","tag":"Windows IKE Extension","issuingCna":"Microsoft","issuingCnaId":100000001,"severityId":100000000,"severity":"Critical","impactId":100000005,"impact":"Remote Code Execution","langCode":"en-US","baseScore":"9.8","temporalScore":"8.5","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","vectorStringSource":"Microsoft","isMariner":false,"customerActionRequired":true,"customerActionRequiredId":1,"cweDetailsList":[{"keys":["cwe","cweUrl"],"values":["CWE-415: Double Free","https://cwe.mitre.org/data/definitions/415.html"]}],"articles":[{"title":"Windows IKE Extension Remote Code Execution Vulnerability","articleType":"100000000","description":"<p>Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.</p>\n","ordinal":10000},{"articleType":"FAQ","description":"<p><strong>How could an attacker exploit this vulnerability?</strong></p>\n<p>An unauthenticated attacker could send specially crafted packets to a Windows machine with Internet Key Exchange (IKE) version 2 enabled, which could enable remote code execution.</p>\n","ordinal":10000},{"title":"Mitigation-CVE-2026-33824","articleType":"Mitigation","description":"<p>The following <a href=\"https://technet.microsoft.com/library/security/dn848375.aspx#Mitigation\">mitigating factors</a> might be helpful in your situation:</p>\n<p>Customers who cannot immediately install the security update can take one of the following actions, depending on their environment:</p>\n<ul>\n<li>Block inbound traffic on UDP ports 500 and 4500 for systems that do not use IKE.</li>\n<li>For systems that require IKE, configure firewall rules to allow inbound traffic on UDP ports 500 and 4500 only from known peer addresses.</li>\n</ul>\n<p><em><strong>These actions reduce the attack surface but do not replace installing the security update when it becomes available.</strong></em></p>\n","ordinal":10000}],"revisions":[{"cveNumber":"CVE-2026-33824","version":1,"revisionDate":"2026-04-14T07:00:00-07:00","initialDate":"0001-01-01T00:00:00Z","description":"<p>Information published.</p>\n","unformattedDescription":"Information published.","notificationNeeded":false,"notificationSent":false,"sourceId":"f8f79c43-a92f-f111-939a-000d3ac5fb71"}]}