12 matches found
CVE-2024-21315
Technical details for CVE-2024-21315 are not provided in the supplied documents. No affected products/versions, root cause, exploitability, or mitigations are specified here; monitor for updates.
CVE-2022-23278
CVE-2022-23278 is a Microsoft Defender for Endpoint spoofing vulnerability. The issue concerns spoofing to tamper with security protections. Microsoft released a security update to address the vulnerability (MG MSRC guidance and OS updates referenced). CVSS v3.1 base score is 5.9 (NETWORK, HIGH a...
CVE-2022-33637
Microsoft Defender for Endpoint Tampering Vulnerability (CVE-2022-33637) is described in connected sources as an issue caused by insufficient input validation that can let an attacker remotely elevate privileges and execute arbitrary code, impacting Defender for Endpoint. The PT-2022-4303 entry n...
CVE-2024-49071
CVE-2024-49071 affects Microsoft Windows Defender (Windows Defender/Defender for Endpoint for Windows). The underlying issue is improper authorization of an index containing sensitive information from a Global Files search, which could allow an authorized attacker to disclose information over a n...
CVE-2025-47161
CVE-2025-47161 affects Microsoft Defender for Endpoint for Linux. The vulnerability is described as improper access control enabling local privilege escalation by an authorized attacker. Connected sources document a PoC/exploit framework for this elevation of privilege and reference affected Linu...
CVE-2022-35828
CVE-2022-35828 is an elevation-of-privilege vulnerability in Microsoft Defender for Endpoint for Mac. The root cause is insufficient access control, enabling a local, authenticated attacker to escalate privileges to SYSTEM/root. Impact is privilege escalation on macOS endpoints running Defender f...
CVE-2024-49057
CVE-2024-49057 affects Microsoft Defender for Endpoint on Android. The issue is due to insufficient input validation in the Defender Android component, enabling remote spoofing by an attacker. CVSS v3.1 base score 8.1 (HIGH); impacts: confidentiality and integrity HIGH, availability NONE. No fix ...
CVE-2025-26684
CVE-2025-26684 is a Microsoft Defender Elevation of Privilege vulnerability in Defender for Endpoint where external control of a file name or path enables a locally authenticated attacker with high privileges to elevate to a higher privilege level. The CVSSv3.1 base score is 6.7 (Medium) with loc...
CVE-2024-43614
CVE-2024-43614 is a relative path traversal vulnerability affecting Microsoft Defender for Endpoint for Linux, enabling an authorized local attacker to perform spoofing. The connected documents (MSRC/Microsoft, ENISA/NCSC, CIRCL, and NVD entry) confirm the vulnerability description but do not pro...
CVE-2025-59497
CVE-2025-59497 describes a time-of-check time-of-use (TOCTOU) race condition in Microsoft Defender for Linux that allows an authorized local attacker to cause a denial of service. The available documents confirm the vulnerability is in Defender for Linux and that the impact is denial of service w...
CVE-2026-21537
Technical details such as affected product versions, root cause, exploit methods, and patches are not provided in the supplied documents. Monitor for updates and new disclosures.
CVE-2026-45647
CVE-2026-45647 describes a time-of-check time-of-use (TOCTOU) race condition in Microsoft Defender for Endpoint (Mac) that can allow an authorized locally logged-in attacker to elevate privileges. The Red Hat, NVD, MSRC and CVE records consistently frame the issue as a local elevation of privileg...