Lucene search
K

279 matches found

BDU FSTEC
BDU FSTEC
added 2022/02/07 12:0 a.m.12 views

The vulnerability of AppX Deployment Extensions for Windows operating systems stems from deficiencies in access control, allowing attackers to escalate their privileges.

The vulnerability of AppX Deployment Extensions in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.1AI score0.00835EPSS
Exploits0References3
Information Security Automation
Information Security Automation
added 2021/12/16 8:53 p.m.132 views

Microsoft Patch Tuesday December 2021

Hello everyone! Its even strange to talk about other vulnerabilities, while everyone is so focused on vulnerabilities in log4j. But life doesnt stop. Other vulnerabilities appear every day. And of course, there are many critical ones among them that require immediate patching. This episode will b...

7.5CVSS1.3AI score0.11963EPSS
Exploits1
hivepro
hivepro
added 2021/12/16 11:12 a.m.157 views

Microsoft released patch for actively exploited spoofing vulnerability

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Microsoft AppX has a spoofing vulnerability that has been assigned CVE-2021-43890. Attackers are taking advantage of this critical vulnerability by deploying well-known malwares such as Emotet, Trickbot, and Bazaloader. Thi...

6CVSS8.6AI score0.10295EPSS
Exploits1
OSV
OSV
added 2021/12/15 3:15 p.m.5 views

CVE-2021-43890

We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader. An attacker...

7.1CVSS5.8AI score0.10295EPSS
Exploits1References6
Prion
Prion
added 2021/12/15 3:15 p.m.36 views

Spoofing

We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader. An attacker...

6CVSS6.8AI score0.10295EPSS
Exploits1References5
Cvelist
Cvelist
added 2021/12/15 2:15 p.m.205 views

CVE-2021-43890 Windows AppX Installer Spoofing Vulnerability

...

7.1CVSS7.3AI score0.10295EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2021/12/15 2:15 p.m.12 views

CVE-2021-43890 Windows AppX Installer Spoofing Vulnerability

...

7.1CVSS7.1AI score0.10295EPSS
Exploits1References5
CVE
CVE
added 2021/12/15 2:15 p.m.1184 views

CVE-2021-43890

CVE-2021-43890 is a Windows AppX Installer spoofing vulnerability. An attacker could craft a malicious package to be opened by a user, leveraging the ms-appinstaller URI handler to spoof trusted UI and execute code at the user’s level after social engineering (phishing). Attacks have been associa...

7.1CVSS8.4AI score0.10295EPSS
In wildExploits1References6Affected Software1
CISA KEV Catalog
CISA KEV Catalog
added 2021/12/15 12:0 a.m.22 views

Microsoft Windows AppX Installer Spoofing Vulnerability

Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability...

7.1CVSS3.1AI score0.10295EPSS
In wildExploits1
Microsoft CVE
Microsoft CVE
added 2021/12/14 8:0 a.m.120 views

Windows AppX Installer Spoofing Vulnerability

We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader. An attacker...

7.1CVSS7AI score0.10295EPSS
Exploits1
VulnCheck KEV
VulnCheck KEV
added 2021/12/14 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-43890

Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability...

7.1CVSS7.3AI score0.10295EPSS
Exploits1References1
Kaspersky
Kaspersky
added 2021/12/14 12:0 a.m.51 views

KLA12386 Multiple vulnerabilities in Microsoft Apps

Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Office app can be exploited remotely to...

9.6CVSS9.4AI score0.10295EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/12/14 12:0 a.m.8 views

Microsoft Windows AppX Installer 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows AppX Installer. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the...

7.1CVSS8.2AI score0.10295EPSS
Exploits1References8
BDU FSTEC
BDU FSTEC
added 2021/12/01 12:0 a.m.5 views

The vulnerability of the Windows AppX Deployment Service (AppXSVC) on Microsoft Windows operating systems allows a perpetrator to escalate their privileges.

The vulnerability of the Windows AppX Deployment Service AppXSVC on Microsoft Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.1AI score0.00689EPSS
Exploits0References6
OSV
OSV
added 2021/10/13 1:15 a.m.5 views

CVE-2021-41347

Windows AppX Deployment Service Elevation of Privilege Vulnerability...

7.8CVSS7.1AI score0.00689EPSS
Exploits0References2
NVD
NVD
added 2021/10/13 1:15 a.m.22 views

CVE-2021-41347

Windows AppX Deployment Service Elevation of Privilege Vulnerability...

7.8CVSS0.00689EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/10/13 1:15 a.m.2 views

CVE-2021-41347

Windows AppX Deployment Service Elevation of Privilege Vulnerability...

7.8CVSS7.1AI score0.00689EPSS
Exploits0References3Affected Software15
CVE
CVE
added 2021/10/13 12:28 a.m.123 views

CVE-2021-41347

Technical details about CVE-2021-41347 are not publicly provided in the connected documents. The affected software/impact specifics are not disclosed here. Monitor for official advisories from Microsoft and CVE listings for updated exploit information and remediation.

7.8CVSS7.9AI score0.00689EPSS
Exploits0References2Affected Software5
Cvelist
Cvelist
added 2021/10/13 12:28 a.m.28 views

CVE-2021-41347 Windows AppX Deployment Service Elevation of Privilege Vulnerability

...

7.8CVSS8.3AI score0.00689EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/10/13 12:0 a.m.48 views

Microsoft Windows Multiple Vulnerabilities (KB5006667)

This host is missing a critical security update according to Microsoft KB5006667 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.3AI score0.73381EPSS
Exploits11References3
Rows per page
Query Builder