The vulnerability of the threat detection mechanism of Microsoft Defender for IoT, which stems from the lack of proper validation of the user-inputted string, allows attackers to escalate their privileges or execute arbitrary code.

🗓️ 18 Mar 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Defender for IoT threat detection uses unvalidated input to execute commands, enabling privilege escalation or arbitrary code execution.

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2022-23266	9 Mar 202217:15	–	attackerkb
CNNVD	Microsoft Defender 权限许可和访问控制问题漏洞	8 Mar 202200:00	–	cnnvd
CNVD	Microsoft Defender permission permission and access control issues vulnerability	9 Mar 202200:00	–	cnvd
CVE	CVE-2022-23266	9 Mar 202217:06	–	cve
Cvelist	CVE-2022-23266 Microsoft Defender for IoT Elevation of Privilege Vulnerability	9 Mar 202217:06	–	cvelist
EUVD	EUVD-2022-28353	3 Oct 202520:07	–	euvd
Kaspersky	KLA12481 Multiple vulnerabilities in Microsoft System Center	8 Mar 202200:00	–	kaspersky
Microsoft CVE	Microsoft Defender for IoT Elevation of Privilege Vulnerability	8 Mar 202208:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Defender	8 Mar 202200:00	–	ncsc
NVD	CVE-2022-23266	9 Mar 202217:15	–	nvd

Vulners

Node

microsoft defender_for_iotRange<22.1.2

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23266
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-22-496/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-23266
vuldb	www.vuldb.com/ru/
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2022030836
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-22-496/
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-CAN-16123/

18 Mar 2022 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 26.8

CVSS 37.8

EPSS0.00409

defender for iot unvalidated input execute system commands privilege escalation arbitrary code execution