KLA12072
PE vulnerabilities in Microsoft System Center

Updated: 02/16/2021
Detect date
?
02/09/2021
Severity
?
High
Description

An elevation of privilege vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to gain privileges.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in System Center Operations Manager can be exploited remotely to gain privileges.
  2. An elevation of privilege vulnerability in Microsoft Defender can be exploited remotely to gain privileges.
Affected products

System Center 2019 Operations Manager
Microsoft Endpoint Protection
Microsoft System Center 2012 R2 Endpoint Protection
Microsoft Security Essentials
Microsoft System Center 2012 Endpoint Protection
Windows Defender
Microsoft System Center Endpoint Protection

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2021-1728
CVE-2021-24092

Impacts
?
PE 
[?]
Related products
Microsoft Windows
Microsoft System Center Operations Manager
Windows Defender
CVE-IDS
?
KB list

4601269

Microsoft official advisories
Microsoft Security Update Guide
Find out the statistics of the vulnerabilities spreading in your region