KLA12072
PE vulnerabilities in Microsoft System Center

Updated: 02/16/2021
Detect date
?
02/09/2021
Severity
?
High
Description

An elevation of privilege vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to gain privileges.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in System Center Operations Manager can be exploited remotely to gain privileges.
  2. An elevation of privilege vulnerability in Microsoft Defender can be exploited remotely to gain privileges.
Affected products

System Center 2019 Operations Manager
Microsoft Endpoint Protection
Microsoft System Center 2012 R2 Endpoint Protection
Microsoft Security Essentials
Microsoft System Center 2012 Endpoint Protection
Windows Defender
Microsoft System Center Endpoint Protection

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2021-1728
CVE-2021-24092

Impacts
?
PE 
[?]
Related products
Microsoft Windows
Microsoft System Center Operations Manager
Windows Defender
CVE-IDS
?
CVE-2021-17280.0Unknown
CVE-2021-240920.0Unknown
KB list

4601269