7 matches found
CVE-2024-21315
Technical details for CVE-2024-21315 are not provided in the supplied documents. No affected products/versions, root cause, exploitability, or mitigations are specified here; monitor for updates.
CVE-2025-47161
CVE-2025-47161 affects Microsoft Defender for Endpoint for Linux. The vulnerability is described as improper access control enabling local privilege escalation by an authorized attacker. Connected sources document a PoC/exploit framework for this elevation of privilege and reference affected Linu...
CVE-2025-26684
CVE-2025-26684 is a Microsoft Defender Elevation of Privilege vulnerability in Defender for Endpoint where external control of a file name or path enables a locally authenticated attacker with high privileges to elevate to a higher privilege level. The CVSSv3.1 base score is 6.7 (Medium) with loc...
CVE-2024-49057
CVE-2024-49057 affects Microsoft Defender for Endpoint on Android. The issue is due to insufficient input validation in the Defender Android component, enabling remote spoofing by an attacker. CVSS v3.1 base score 8.1 (HIGH); impacts: confidentiality and integrity HIGH, availability NONE. No fix ...
CVE-2024-43614
CVE-2024-43614 is a relative path traversal vulnerability affecting Microsoft Defender for Endpoint for Linux, enabling an authorized local attacker to perform spoofing. The connected documents (MSRC/Microsoft, ENISA/NCSC, CIRCL, and NVD entry) confirm the vulnerability description but do not pro...
CVE-2026-45647
CVE-2026-45647 describes a time-of-check time-of-use (TOCTOU) race condition in Microsoft Defender for Endpoint (Mac) that can allow an authorized locally logged-in attacker to elevate privileges. The Red Hat, NVD, MSRC and CVE records consistently frame the issue as a local elevation of privileg...
CVE-2025-59497
CVE-2025-59497 describes a time-of-check time-of-use (TOCTOU) race condition in Microsoft Defender for Linux that allows an authorized local attacker to cause a denial of service. The available documents confirm the vulnerability is in Defender for Linux and that the impact is denial of service w...