Defender For Endpoint
CVE-2022-35828
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
AnalysisAI
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Technical ContextAI
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability Affected products include: Microsoft Defender For Endpoint.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Defender For Endpoint
View allMicrosoft Defender for Endpoint on Linux contains a code injection vulnerability that enables adjacent network attackers
Microsoft Defender for Endpoint on Android Spoofing Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vu
Local privilege escalation in Microsoft Defender for Endpoint for Mac (versions 101.0.0 through 101.26042.0010) allows a
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privil
Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender al
Microsoft Defender for Endpoint Tampering Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotel
Microsoft Defender for Endpoint Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely
Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally. Ra
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today