The vulnerability of the threat detection mechanism of Microsoft Defender for IoT, related to the lack of proper validation of the user-inputted string, allows a perpetrator to execute arbitrary code.

🗓️ 18 Mar 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Vulnerability in Defender for IoT threat detection allows code execution due to input validation.

Reporter	Title	Published	Views	Family All 17
ATTACKERKB	CVE-2022-23265	9 Mar 202217:15	–	attackerkb
Information Security Automation	Microsoft Patch Tuesday March 2022	14 Mar 202217:33	–	avleonov
Circl	CVE-2022-23265	9 Mar 202220:11	–	circl
CNNVD	Microsoft Defender for IoT 代码注入漏洞	8 Mar 202200:00	–	cnnvd
CNVD	Microsoft Defender code injection vulnerability	9 Mar 202200:00	–	cnvd
CVE	CVE-2022-23265	9 Mar 202217:06	–	cve
Cvelist	CVE-2022-23265 Microsoft Defender for IoT Remote Code Execution Vulnerability	9 Mar 202217:06	–	cvelist
EUVD	EUVD-2022-28352	3 Oct 202520:07	–	euvd
Kaspersky	KLA12481 Multiple vulnerabilities in Microsoft System Center	8 Mar 202200:00	–	kaspersky
Microsoft CVE	Microsoft Defender for IoT Remote Code Execution Vulnerability	8 Mar 202208:00	–	mscve

Vulners

Node

microsoft defender_for_iotRange<22.1.2

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23265
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-23265
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2022030836
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-22-495/
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-CAN-15761/

18 Mar 2022 00:00Current

7High risk

Vulners AI Score7

CVSS 37.2

CVSS 29

EPSS0.02737

Internet of Things Threat detection Input validation Remote code execution Security vulnerability