Defender For Endpoint
CVE-2022-33637
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionCVE.org
Microsoft Defender for Endpoint Tampering Vulnerability
AnalysisAI
Microsoft Defender for Endpoint Tampering Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
Affected products include: Microsoft Defender For Endpoint.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Defender For Endpoint
View allMicrosoft Defender for Endpoint on Linux contains a code injection vulnerability that enables adjacent network attackers
Microsoft Defender for Endpoint on Android Spoofing Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vu
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulne
Local privilege escalation in Microsoft Defender for Endpoint for Mac (versions 101.0.0 through 101.26042.0010) allows a
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privil
Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender al
Microsoft Defender for Endpoint Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely
Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally. Ra
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today