20 matches found
CVE-2022-23265
CVE-2022-23265 affects Microsoft Defender for IoT and is described as a Remote Code Execution vulnerability. Public details in the provided documents identify the affected product (Microsoft Defender for IoT), the issue as a remote code execution flaw, and a network attack vector with low complex...
CVE-2022-23266
CVE-2022-23266 is a Microsoft Defender for IoT elevation-of-privilege vulnerability. The CVE targets Defender for IoT with a LOCAL, low-complexity vector that could grant elevated privileges, with CONFIDENTIALITY, INTEGRITY, and AVAILABILITY impacts rated HIGH. Public documents identify affected ...
CVE-2024-21323
CVE-2024-21323 is a Defender for IoT remote code execution vulnerability. The connected sources describe a path-traversal flaw in the sensor update process: an attacker who can authenticate to the Defender for IoT web application and control how the sensor receives updates could push a malicious ...
CVE-2024-29053
CVE-2024-29053 affects Microsoft Defender for IoT . Public sources describe a Remote Code Execution (RCE) vulnerability in Defender for IoT that can be exploited via a path traversal involved with the file-upload/update mechanism. An attacker must be authenticated and have access to the update/fi...
CVE-2024-21322
CVE-2024-21322 affects Microsoft Defender for IoT. Affected component is the Defender for IoT web application; the root cause is described by Microsoft as CWE-77 (improper neutralization of commands). Exploitation yields remote code execution and requires the attacker to have existing administrat...
CVE-2024-21324
CVE-2024-21324 – Microsoft Defender for IoT Elevation of Privilege is a Defender for IoT vulnerability. Current sources indicate a privilege-escalation flaw within Defender for IoT that could allow a malicious actor to gain higher permissions in the process, with CVSSv3 base score 7.2 (AV:N/AC:L/...
CVE-2024-29055
Summary (CVE-2024-29055 | Microsoft Defender for IoT) A known elevation of privilege vulnerability in Microsoft Defender for IoT. The root cause is described as inadequate access control that could allow a remote attacker to escalate privileges within the affected software. Several sources flag t...
CVE-2024-29054
Technical details about CVE-2024-29054 are not provided in the connected documents. Available sources confirm an Elevation of Privilege vulnerability in Microsoft Defender for IoT, but do not specify affected components, root cause, versions, or fixes. Monitor for updates.
CVE-2023-23379
CVE-2023-23379 affects Microsoft Defender for IoT. Documented as an Elevation of Privilege vulnerability; root cause cited as insufficient access control. Affected component is Defender for IoT (Microsoft Defender) with local attack vector and privilege escalation potential. Base CVSSv3 is 7.8 (H...
CVE-2021-42311
CVE-2021-42311 concerns Microsoft Defender for IoT and is described in connected sources as a remote code execution vulnerability. The PT-2021-6207 entry attributes the issue to incorrect code generation management in Defender for IoT, which could allow a remote attacker to execute arbitrary code...
CVE-2021-43889
CVE-2021-43889 affects Microsoft Defender for IoT. Connected sources describe a remote code execution vulnerability arising from incorrect code generation management in Defender for IoT, enabling a remote attacker to execute arbitrary code on the target host via a crafted request. The vulnerabili...
CVE-2021-43882
The CVE-2021-43882 entry applies to Microsoft Defender for IoT and is described in connected sources as a remote code execution vulnerability. PT-2021-6248 specifies that the issue stems from improper code generation management and states that exploitation could be achieved by a remote attacker s...
CVE-2021-42315
CVE-2021-42315 pertains to Microsoft Defender for IoT and is documented as a remote code execution vulnerability. Connected sources indicate the issue involves Microsoft Defender for IoT and cite a root cause related to incorrect code generation management in Defender for IoT (PT-2021-5699). The ...
CVE-2021-42313
CVE-2021-42313 maps to Microsoft Defender for IoT Remote Code Execution vulnerability. Connected data indicate the issue affects Microsoft Defender for IoT and stems from a flaw in SQL query structure protections, described in PT-2021-6214 as enabling potential remote code execution and possible ...
CVE-2021-42310
CVE-2021-42310 affects Microsoft Defender for IoT. Connected PT-2021-6194 identifies the root cause as incorrect code generation management in Defender for IoT, enabling a remote attacker to execute arbitrary code using a specially crafted request. The vulnerability is described as a remote code ...
CVE-2024-38089
CVE-2024-38089 is a vulnerability in Microsoft Defender for IoT that enables elevation of privileges. The NVD entry labels it as a high-severity issue with remote activation potential (network attack vector, low complexity) and impact to confidentiality, integrity, and availability. Connected sou...
CVE-2021-41365
CVE-2021-41365 affects Microsoft Defender for IoT. The connected sources indicate a remote code execution vulnerability in Defender for IoT, with at least one entry describing an issue related to incorrect code generation management in Defender for IoT that could let a remote attacker execute arb...
CVE-2021-42314
Summary: CVE-2021-42314 is a Microsoft Defender for IoT remote code execution vulnerability. The connected CNVD entry confirms the issue as a remote code execution vulnerability in Microsoft Defender for IoT. The CVE entry indicates an RCE with high impact (confidentiality, integrity, and availab...
CVE-2021-42312
Technical details (affected versions, root cause, exploitability) are not provided in the connected documents. Monitor for updates and forthcoming disclosures before assessing risk.
CVE-2021-43888
The CVE-2021-43888 entry concerns Microsoft Defender for IoT with an Information Disclosure vulnerability. Affected product: Microsoft Defender for IoT. Root cause and details are not fully disclosed in all sources, but the NVD/mitigations indicate an information disclosure with HIGH confidential...