Kaspersky LabKLA12383KLA12383 Multiple vulnerabilities in Microsoft System Center
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.046 Low
EPSS
Percentile
92.5%
Detect date:
12/14/2021
Severity:
Critical
Description:
Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.
Affected products:
Microsoft Defender for IoT
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2021-42315
CVE-2021-41365
CVE-2021-42310
CVE-2021-43889
CVE-2021-42314
CVE-2021-42313
CVE-2021-42311
CVE-2021-43882
CVE-2021-42312
CVE-2021-43888
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2021-423158.8Critical
CVE-2021-413658.8Critical
CVE-2021-423109.8Critical
CVE-2021-438897.2High
CVE-2021-423148.8Critical
CVE-2021-438829.8Critical
CVE-2021-423127.8Critical
CVE-2021-438887.5Critical
Microsoft official advisories:
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41365
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42310
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42312
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42314
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42315
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43882
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43888
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43889
nvd.nist.gov/vuln/detail/CVE-2021-41365
nvd.nist.gov/vuln/detail/CVE-2021-42310
nvd.nist.gov/vuln/detail/CVE-2021-42311
nvd.nist.gov/vuln/detail/CVE-2021-42312
nvd.nist.gov/vuln/detail/CVE-2021-42313
nvd.nist.gov/vuln/detail/CVE-2021-42314
nvd.nist.gov/vuln/detail/CVE-2021-42315
nvd.nist.gov/vuln/detail/CVE-2021-43882
nvd.nist.gov/vuln/detail/CVE-2021-43888
nvd.nist.gov/vuln/detail/CVE-2021-43889
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Windows-Defender/
Related
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.046 Low
EPSS
Percentile
92.5%