Lucene search
K
MicrosoftDefender For Endpoint

12 matches found

CVE
CVE
added 2024/02/13 6:2 p.m.236 views

CVE-2024-21315

Technical details for CVE-2024-21315 are not provided in the supplied documents. No affected products/versions, root cause, exploitability, or mitigations are specified here; monitor for updates.

7.8CVSS7.9AI score0.00633EPSS
CVE
CVE
added 2022/03/09 5:6 p.m.225 views

CVE-2022-23278

CVE-2022-23278 is a Microsoft Defender for Endpoint spoofing vulnerability. The issue concerns spoofing to tamper with security protections. Microsoft released a security update to address the vulnerability (MG MSRC guidance and OS updates referenced). CVSS v3.1 base score is 5.9 (NETWORK, HIGH a...

5.9CVSS5.9AI score0.0183EPSS
CVE
CVE
added 2022/07/12 10:37 p.m.166 views

CVE-2022-33637

Microsoft Defender for Endpoint Tampering Vulnerability (CVE-2022-33637) is described in connected sources as an issue caused by insufficient input validation that can let an attacker remotely elevate privileges and execute arbitrary code, impacting Defender for Endpoint. The PT-2022-4303 entry n...

6.5CVSS6.7AI score0.01203EPSS
CVE
CVE
added 2024/12/12 7:7 p.m.115 views

CVE-2024-49071

CVE-2024-49071 affects Microsoft Windows Defender (Windows Defender/Defender for Endpoint for Windows). The underlying issue is improper authorization of an index containing sensitive information from a Global Files search, which could allow an authorized attacker to disclose information over a n...

6.5CVSS6.3AI score0.01083EPSS
CVE
CVE
added 2025/05/15 7:21 p.m.89 views

CVE-2025-47161

CVE-2025-47161 affects Microsoft Defender for Endpoint for Linux. The vulnerability is described as improper access control enabling local privilege escalation by an authorized attacker. Connected sources document a PoC/exploit framework for this elevation of privilege and reference affected Linu...

7.8CVSS6.3AI score0.00705EPSS
CVE
CVE
added 2022/09/13 6:41 p.m.84 views

CVE-2022-35828

CVE-2022-35828 is an elevation-of-privilege vulnerability in Microsoft Defender for Endpoint for Mac. The root cause is insufficient access control, enabling a local, authenticated attacker to escalate privileges to SYSTEM/root. Impact is privilege escalation on macOS endpoints running Defender f...

7.8CVSS7.8AI score0.00464EPSS
CVE
CVE
added 2024/12/10 5:49 p.m.83 views

CVE-2024-49057

CVE-2024-49057 affects Microsoft Defender for Endpoint on Android. The issue is due to insufficient input validation in the Defender Android component, enabling remote spoofing by an attacker. CVSS v3.1 base score 8.1 (HIGH); impacts: confidentiality and integrity HIGH, availability NONE. No fix ...

8.1CVSS7.9AI score0.01703EPSS
CVE
CVE
added 2025/05/13 4:58 p.m.82 views

CVE-2025-26684

CVE-2025-26684 is a Microsoft Defender Elevation of Privilege vulnerability in Defender for Endpoint where external control of a file name or path enables a locally authenticated attacker with high privileges to elevate to a higher privilege level. The CVSSv3.1 base score is 6.7 (Medium) with loc...

6.7CVSS7.2AI score0.00365EPSS
CVE
CVE
added 2024/10/08 5:36 p.m.69 views

CVE-2024-43614

CVE-2024-43614 is a relative path traversal vulnerability affecting Microsoft Defender for Endpoint for Linux, enabling an authorized local attacker to perform spoofing. The connected documents (MSRC/Microsoft, ENISA/NCSC, CIRCL, and NVD entry) confirm the vulnerability description but do not pro...

5.5CVSS6.2AI score0.00643EPSS
CVE
CVE
added 2025/10/14 5:1 p.m.27 views

CVE-2025-59497

CVE-2025-59497 describes a time-of-check time-of-use (TOCTOU) race condition in Microsoft Defender for Linux that allows an authorized local attacker to cause a denial of service. The available documents confirm the vulnerability is in Defender for Linux and that the impact is denial of service w...

7CVSS6.3AI score0.00188EPSS
CVE
CVE
added 2026/02/10 5:51 p.m.25 views

CVE-2026-21537

Technical details such as affected product versions, root cause, exploit methods, and patches are not provided in the supplied documents. Monitor for updates and new disclosures.

8.8CVSS5.7AI score0.00532EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.23 views

CVE-2026-45647

CVE-2026-45647 describes a time-of-check time-of-use (TOCTOU) race condition in Microsoft Defender for Endpoint (Mac) that can allow an authorized locally logged-in attacker to elevate privileges. The Red Hat, NVD, MSRC and CVE records consistently frame the issue as a local elevation of privileg...

7CVSS5.4AI score0.00215EPSS