Lucene search
K
MicrosoftSystem Center Endpoint Protection2012

9 matches found

CVE
CVE
added 2021/01/12 7:42 p.m.1301 views

CVE-2021-1647

CVE-2021-1647 is a Microsoft Defender Remote Code Execution vulnerability. Multiple sources indicate it was exploited in the wild before patches were available, affecting Microsoft Defender/Windows Defender. The advisory notes a remote code execution risk; exploitation could allow an attacker to ...

7.8CVSS7.9AI score0.39653EPSS
In wild
CVE
CVE
added 2020/04/15 3:13 p.m.224 views

CVE-2020-1002

CVE-2020-1002 is an elevation of privilege vulnerability in Microsoft Defender linked to MpSigStub.exe, enabling an attacker who is logged on to delete files in arbitrary locations. The issue requires local access and user interaction-free exploitation via a specially crafted command, with exploi...

7.1CVSS7.1AI score0.00681EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.222 views

CVE-2020-1170

CVE-2020-1170 – Cloud Filter arbitrary file creation EOP (Windows) Affected component: Cloud Filter driver, cldflt.sys, on Windows 10 v1803 and later (pre-December 2020 updates). Root cause (as documented by the connected MSF module): the driver did not set IO_FORCE_ACCESS_CHECK or OBJ_FORCE_ACCE...

7.8CVSS7.7AI score0.01608EPSS
CVE
CVE
added 2019/09/23 7:14 p.m.212 views

CVE-2019-1255

Microsoft Malware Protection Engine Elevation of Privilege (CVE-2019-1255) exists due to improper file handling. An authenticated, remote attacker can exploit this to gain elevated privileges. Affected component: Defender/Malware Protection Engine. Impact: elevation of privilege; exploitation des...

7.5CVSS7.2AI score0.0387EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.198 views

CVE-2020-1163

CVE-2020-1163 is an Elevation of Privilege issue in Windows Defender that can lead to arbitrary file deletion. The exploit requires an authenticated logon to the system. Connected sources confirm the vulnerability affects Windows Defender with the same core description, but do not provide explici...

7.8CVSS7.7AI score0.00848EPSS
CVE
CVE
added 2018/04/04 5:0 p.m.171 views

CVE-2018-0986

CVE-2018-0986 (Microsoft Malware Protection Engine RCE) arises when the engine fails to properly scan a specially crafted file, causing memory corruption. This enables an attacker to execute arbitrary code with Local System privileges on affected systems, potentially taking control. Affected prod...

9.3CVSS8.7AI score0.61482EPSS
CVE
CVE
added 2019/08/14 8:55 p.m.150 views

CVE-2019-1161

Summary: CVE-2019-1161 is a privilege-escalation flaw in Microsoft Defender’s MpSigStub.exe that can enable an attacker to delete protected files at arbitrary locations. What is affected: Defender-related components using MpSigStub.exe (e.g., Windows Defender/Forefront Endpoint Protection suites)...

7.1CVSS6.5AI score0.00896EPSS
CVE
CVE
added 2021/02/25 11:1 p.m.149 views

CVE-2021-24092

CVE-2021-24092 is a Microsoft Defender elevation-of-privilege vulnerability affecting Windows Defender. The connected sources confirm a local, low-privilege attacker could achieve higher privileges (CVE-2021-24092), with a CVSSv3 base score of 7.8 (HIGH) and a local attack vector. Public records ...

7.8CVSS7.5AI score0.00545EPSS
CVE
CVE
added 2020/07/14 10:54 p.m.111 views

CVE-2020-1461

CVE-2020-1461 is a Microsoft Defender elevation of privilege vulnerability in MpSigStub.exe that can allow deletion of files in arbitrary locations. Exploitation requires the attacker to log on to the system, then, with MpSigStub.exe running, execute crafted actions to delete protected files. Mic...

7.1CVSS7.1AI score0.0072EPSS