KLA20226
Multiple vulnerabilities in Microsoft System Center

Обновлено: 29/09/2023
Дата обнаружения
14/02/2023
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges.

Below is a complete list of vulnerabilities:

  1. A security feature bypass vulnerability in Microsoft Defender for Endpoint can be exploited remotely to bypass security restrictions.
  2. An elevation of privilege vulnerability in Microsoft Defender for IoT can be exploited remotely to gain privileges.
Пораженные продукты

Microsoft Defender Security Intelligence Updates
Microsoft Defender for IoT

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2023-21809
CVE-2023-23379
Оказываемое влияние
?
SB 
[?]

PE 
[?]
Связанные продукты
Microsoft Defender for IoT
CVE-IDS
CVE-2023-218095.0Warning
CVE-2023-233795.0Warning