Kaspersky LabKLA12481KLA12481 Multiple vulnerabilities in Microsoft System Center
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.022 Low
EPSS
Percentile
89.2%
Detect date:
03/08/2022
Severity:
High
Description:
Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface.
Affected products:
Microsoft Defender for Endpoint for Windows
Microsoft Defender for IoT
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2022-23265
CVE-2022-23266
CVE-2022-23278
Impacts:
ACE
KB list:
References
support.microsoft.com/kb/5011485
support.microsoft.com/kb/5011487
support.microsoft.com/kb/5011493
support.microsoft.com/kb/5011497
support.microsoft.com/kb/5011503
support.microsoft.com/kb/5011580
nvd.nist.gov/vuln/detail/CVE-2022-23265
nvd.nist.gov/vuln/detail/CVE-2022-23266
nvd.nist.gov/vuln/detail/CVE-2022-23278
statistics.securelist.com/vulnerability-scan/month
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.022 Low
EPSS
Percentile
89.2%