Lucene search
+L
MicrosoftDefender For Iot

20 matches found

CVE
CVE
added 2022/03/09 5:6 p.m.492 views

CVE-2022-23265

CVE-2022-23265 affects Microsoft Defender for IoT and is described as a Remote Code Execution vulnerability. Public details in the provided documents identify the affected product (Microsoft Defender for IoT), the issue as a remote code execution flaw, and a network attack vector with low complex...

8.8CVSS7.3AI score0.02737EPSS
CVE
CVE
added 2022/03/09 5:6 p.m.228 views

CVE-2022-23266

CVE-2022-23266 is a Microsoft Defender for IoT elevation-of-privilege vulnerability. The CVE targets Defender for IoT with a LOCAL, low-complexity vector that could grant elevated privileges, with CONFIDENTIALITY, INTEGRITY, and AVAILABILITY impacts rated HIGH. Public documents identify affected ...

7.8CVSS7.7AI score0.01043EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.207 views

CVE-2024-21323

CVE-2024-21323 is a Defender for IoT remote code execution vulnerability. The connected sources describe a path-traversal flaw in the sensor update process: an attacker who can authenticate to the Defender for IoT web application and control how the sensor receives updates could push a malicious ...

8.8CVSS8.8AI score0.03199EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.185 views

CVE-2024-29053

CVE-2024-29053 affects Microsoft Defender for IoT . Public sources describe a Remote Code Execution (RCE) vulnerability in Defender for IoT that can be exploited via a path traversal involved with the file-upload/update mechanism. An attacker must be authenticated and have access to the update/fi...

8.8CVSS8.8AI score0.03199EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.173 views

CVE-2024-21322

CVE-2024-21322 affects Microsoft Defender for IoT. Affected component is the Defender for IoT web application; the root cause is described by Microsoft as CWE-77 (improper neutralization of commands). Exploitation yields remote code execution and requires the attacker to have existing administrat...

7.2CVSS8.8AI score0.03077EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.172 views

CVE-2024-21324

CVE-2024-21324 – Microsoft Defender for IoT Elevation of Privilege is a Defender for IoT vulnerability. Current sources indicate a privilege-escalation flaw within Defender for IoT that could allow a malicious actor to gain higher permissions in the process, with CVSSv3 base score 7.2 (AV:N/AC:L/...

7.2CVSS8.9AI score0.02291EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.150 views

CVE-2024-29055

Summary (CVE-2024-29055 | Microsoft Defender for IoT) A known elevation of privilege vulnerability in Microsoft Defender for IoT. The root cause is described as inadequate access control that could allow a remote attacker to escalate privileges within the affected software. Several sources flag t...

7.2CVSS7.1AI score0.02291EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.139 views

CVE-2024-29054

Technical details about CVE-2024-29054 are not provided in the connected documents. Available sources confirm an Elevation of Privilege vulnerability in Microsoft Defender for IoT, but do not specify affected components, root cause, versions, or fixes. Monitor for updates.

7.2CVSS7.1AI score0.02291EPSS
CVE
CVE
added 2023/02/14 7:32 p.m.110 views

CVE-2023-23379

CVE-2023-23379 affects Microsoft Defender for IoT. Documented as an Elevation of Privilege vulnerability; root cause cited as insufficient access control. Affected component is Defender for IoT (Microsoft Defender) with local attack vector and privilege escalation potential. Base CVSSv3 is 7.8 (H...

7.8CVSS6.9AI score0.00445EPSS
CVE
CVE
added 2021/12/15 2:14 p.m.98 views

CVE-2021-42311

CVE-2021-42311 concerns Microsoft Defender for IoT and is described in connected sources as a remote code execution vulnerability. The PT-2021-6207 entry attributes the issue to incorrect code generation management in Defender for IoT, which could allow a remote attacker to execute arbitrary code...

10CVSS8.3AI score0.0403EPSS
CVE
CVE
added 2021/12/15 2:15 p.m.95 views

CVE-2021-43889

CVE-2021-43889 affects Microsoft Defender for IoT. Connected sources describe a remote code execution vulnerability arising from incorrect code generation management in Defender for IoT, enabling a remote attacker to execute arbitrary code on the target host via a crafted request. The vulnerabili...

7.2CVSS7.8AI score0.02209EPSS
CVE
CVE
added 2021/12/15 2:15 p.m.94 views

CVE-2021-43882

The CVE-2021-43882 entry applies to Microsoft Defender for IoT and is described in connected sources as a remote code execution vulnerability. PT-2021-6248 specifies that the issue stems from improper code generation management and states that exploitation could be achieved by a remote attacker s...

9.8CVSS8.3AI score0.02419EPSS
CVE
CVE
added 2021/12/15 2:15 p.m.88 views

CVE-2021-42315

CVE-2021-42315 pertains to Microsoft Defender for IoT and is documented as a remote code execution vulnerability. Connected sources indicate the issue involves Microsoft Defender for IoT and cite a root cause related to incorrect code generation management in Defender for IoT (PT-2021-5699). The ...

8.8CVSS7.8AI score0.02172EPSS
CVE
CVE
added 2021/12/15 2:14 p.m.86 views

CVE-2021-42313

CVE-2021-42313 maps to Microsoft Defender for IoT Remote Code Execution vulnerability. Connected data indicate the issue affects Microsoft Defender for IoT and stems from a flaw in SQL query structure protections, described in PT-2021-6214 as enabling potential remote code execution and possible ...

10CVSS8.3AI score0.03825EPSS
CVE
CVE
added 2021/12/15 2:14 p.m.84 views

CVE-2021-42310

CVE-2021-42310 affects Microsoft Defender for IoT. Connected PT-2021-6194 identifies the root cause as incorrect code generation management in Defender for IoT, enabling a remote attacker to execute arbitrary code using a specially crafted request. The vulnerability is described as a remote code ...

9.8CVSS8.3AI score0.01992EPSS
CVE
CVE
added 2024/07/09 5:3 p.m.84 views

CVE-2024-38089

CVE-2024-38089 is a vulnerability in Microsoft Defender for IoT that enables elevation of privileges. The NVD entry labels it as a high-severity issue with remote activation potential (network attack vector, low complexity) and impact to confidentiality, integrity, and availability. Connected sou...

9.9CVSS9.3AI score0.01164EPSS
CVE
CVE
added 2021/12/15 2:14 p.m.83 views

CVE-2021-41365

CVE-2021-41365 affects Microsoft Defender for IoT. The connected sources indicate a remote code execution vulnerability in Defender for IoT, with at least one entry describing an issue related to incorrect code generation management in Defender for IoT that could let a remote attacker execute arb...

8.8CVSS7.8AI score0.02712EPSS
CVE
CVE
added 2021/12/15 2:15 p.m.81 views

CVE-2021-42314

Summary: CVE-2021-42314 is a Microsoft Defender for IoT remote code execution vulnerability. The connected CNVD entry confirms the issue as a remote code execution vulnerability in Microsoft Defender for IoT. The CVE entry indicates an RCE with high impact (confidentiality, integrity, and availab...

8.8CVSS7.8AI score0.02172EPSS
CVE
CVE
added 2021/12/15 2:14 p.m.75 views

CVE-2021-42312

Technical details (affected versions, root cause, exploitability) are not provided in the connected documents. Monitor for updates and forthcoming disclosures before assessing risk.

7.8CVSS7.7AI score0.00544EPSS
CVE
CVE
added 2021/12/15 2:15 p.m.74 views

CVE-2021-43888

The CVE-2021-43888 entry concerns Microsoft Defender for IoT with an Information Disclosure vulnerability. Affected product: Microsoft Defender for IoT. Root cause and details are not fully disclosed in all sources, but the NVD/mitigations indicate an information disclosure with HIGH confidential...

7.5CVSS7.3AI score0.02997EPSS