Multiple vulnerabilities in Microsoft System Center

Description

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Defender for IoT can be exploited remotely to execute arbitrary code.
2. An elevation of privilege vulnerability in Microsoft Defender for IoT can be exploited remotely to gain privileges.
3. A spoofing vulnerability in Microsoft Defender for Endpoint can be exploited remotely to spoof user interface.

Original advisories

• CVE-2022-23265

• CVE-2022-23266
• CVE-2022-23278

Related products

• Microsoft-Defender-for-IoT
• Microsoft-Defender-for-Endpoint-for-Windows

CVE list

• CVE-2022-23265
  critical
• CVE-2022-23266
  critical
• CVE-2022-23278
  high

KB list

• 5011487
• 5011485
• 5011580
• 5011493
• 5011503
• 5011497

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com