Cybersecuritynews
Zero-Day Exploit for Windows RDS Sold for $220,000 on Dark Web
First seen 8 Mar 2026, 15:08 UTC
•



•82% similarity
•71.5
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A zero-day vulnerability in Windows Remote Desktop Services, tracked as CVE-2026-21533, is being sold for $220,000 on a dark web forum. This exploit allows attackers to gain local administrative control through improper privilege management. The vulnerability was published on February 10, 2026, and has been actively exploited since then.
ThreatCluster AI
Timeline
2026-02-10
CVE-2026-21533 published
2026-02-10
Added to CISA KEV (active exploitation)
2026-02-11
First public PoC released
2026-03-08
Exploit listed for sale on dark web for $220,000