Multiple vulnerabilities in Microsoft System Center

Описание

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Defender for IoT can be exploited remotely to execute arbitrary code.
2. An elevation of privilege vulnerability in Microsoft Defender for IoT can be exploited remotely to gain privileges.
3. A spoofing vulnerability in Microsoft Defender for Endpoint can be exploited remotely to spoof user interface.

Первичный источник обнаружения

• CVE-2022-23265
  CVE-2022-23266
  CVE-2022-23278
  

Связанные продукты

• Microsoft-Defender-for-IoT
• Microsoft-Defender-for-Endpoint-for-Windows

Список CVE

• CVE-2022-23265
  critical
• CVE-2022-23266
  critical
• CVE-2022-23278
  high

Список KB

• 5011487
• 5011485
• 5011580
• 5011493
• 5011503
• 5011497

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com