Microsoft Defender for Endpoint 访问控制错误漏洞

Microsoft Defender for Endpoint is an enterprise endpoint security platform from Microsoft Corporation USA that helps defend against advanced persistent threats. An access control error vulnerability exists in Microsoft Defender for Endpoint that stems from an elevation of privilege vulnerability...

PT-2025-21360 · Microsoft · Defender For Endpoint

Name of the Vulnerable Software and Affected Versions: Microsoft Defender for Endpoint affected versions not specified Description: The issue concerns an elevation of privilege in Microsoft Defender for Endpoint. No specific details about the technical aspects of the issue, such as API endpoints,...

KLA83714 PE vulnerability in Microsoft System Center

An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-47161 Related products Microsoft-Defender-for-Endpoint-for-Linux CVE list CVE-2025-47161 critical Solution Install necessar...

The vulnerability of Microsoft Defender for Endpoint on Linux operating systems, related to improper external management of file names or paths, allows attackers to escalate their privileges.

The vulnerability of Microsoft Defender for Endpoint on Linux operating systems is related to incorrect external management of file names or file paths. Exploiting this vulnerability can allow attackers to increase their privileges...

Vulnerabilities fixed in Microsoft Defender

Microsoft has fixed vulnerabilities in Defender for Endpoint and Defender for Identity. A malicious party could exploit the vulnerabilities to impersonate another user and assign themselves elevated privileges, enabling execution of arbitrary code with SYSTEM privileges. For successful...

CVE-2025-26685

Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network...

CVE-2025-26684

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

CVE-2025-26684

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

CVE-2025-26685 Microsoft Defender for Identity Spoofing Vulnerability

...

CVE-2025-26685

CVE-2025-26685 – Microsoft Defender for Identity Spoofing : Affected component is Microsoft Defender for Identity. Root cause is improper authentication that allows an unauthenticated attacker on the same LAN/adjacent network to spoof against the target. Direct impact includes impersonation and, ...

CVE-2025-26685 Microsoft Defender for Identity Spoofing Vulnerability

...

CVE-2025-26684 Microsoft Defender Elevation of Privilege Vulnerability

...

CVE-2025-26684 Microsoft Defender Elevation of Privilege Vulnerability

...

CVE-2025-26684

CVE-2025-26684 is a Microsoft Defender Elevation of Privilege vulnerability in Defender for Endpoint where external control of a file name or path enables a locally authenticated attacker with high privileges to elevate to a higher privilege level. The CVSSv3.1 base score is 6.7 (Medium) with loc...

Microsoft Defender for Identity Spoofing Vulnerability

Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network...

Microsoft Defender Elevation of Privilege Vulnerability

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

Microsoft/Windows Defender Detection (Windows SMB Login)

Detects and gathers information of Microsoft/Windows Defender on Windows operating systems. Supports Windows 7 and Server 2008 onwards. The information is retrieved via Powershell. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and a...

Microsoft Windows Defender 缓冲区错误漏洞

Microsoft Windows Defender is a suite of antivirus software that comes with Windows systems from Microsoft USA. A buffer error vulnerability exists in Microsoft Windows Defender. An attacker could exploit this vulnerability to cause a denial of service on the system. The following products and...

Microsoft Defender 安全漏洞

Microsoft Defender is a threat protection software from Microsoft USA. A security vulnerability exists in Microsoft Defender. An attacker exploiting the vulnerability can elevate privileges...

PT-2025-20939 · Microsoft · Defender For Endpoint

Name of the Vulnerable Software and Affected Versions: Microsoft Defender for Endpoint affected versions not specified Description: The issue allows an authorized attacker to elevate privileges locally through external control of file name or path. The vulnerability exists in the grab java versio...