CVE-2026-33824
Published: 14 April 2026
Summary
CVE-2026-33824 is a critical-severity Double Free (CWE-415) vulnerability in Microsoft Windows 10 21H2. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). The CVE ranks in the top 1.1% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-33824 is a double free vulnerability (CWE-415) in the Windows IKE Extension. It affects Windows systems that use the IKE Extension component for Internet Key Exchange operations. Published on 2026-04-14T18:17:34.767, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), which marks it as critical because of its potential for severe impact.
An unauthorized attacker can exploit this vulnerability remotely over the network without authentication, privileges, or user interaction. Successful exploitation triggers a double free condition that enables arbitrary code execution on the target system, with high impact to confidentiality, integrity, and availability.
Microsoft provides guidance on this vulnerability through its Security Response Center update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33824.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-22641
Vulnerability details
Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.
- CWE(s): CWE-415 (Double Free)
Related Threats
MITRE ATT&CK Enterprise Techniques
- Exploitation of Remote Services (T1210)
Why these techniques?
The double free vulnerability in the Windows IKE Extension component lets a remote, unauthenticated attacker trigger arbitrary code execution over the network, which is exactly the behaviour T1210 (Exploitation of Remote Services) describes.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): Requires timely remediation of flaws such as this double free through patching, directly preventing exploitation.
- SI-16 (Memory Protection): Enforces memory protections such as DEP and ASLR that hinder turning a double free into code execution.
- Boundary protection: Restricts network access to the vulnerable IKE Extension service, reducing the opportunity for remote attack.