Skip to main content

Malware Protection Engine CVE-2022-37971

HIGH
2022-10-11 secure@microsoft.com
7.1
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
7.1 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 11, 2022 - 19:15 cve.org
HIGH 7.1

DescriptionCVE.org

Microsoft Windows Defender Elevation of Privilege Vulnerability

AnalysisAI

Microsoft Windows Defender Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Technical ContextAI

Microsoft Windows Defender Elevation of Privilege Vulnerability Affected products include: Microsoft Malware Protection Engine.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2017-0290 HIGH POC
7.8 May 09

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve

CVE-2017-8541 HIGH POC
7.8 May 26

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve

CVE-2017-8538 HIGH POC
7.8 May 26

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve

CVE-2017-11937 HIGH
7.8 Dec 07

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows

CVE-2017-11940 HIGH
7.8 Dec 08

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows

CVE-2013-1346 CRITICAL
9.3 May 15

mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execut

CVE-2017-8542 MEDIUM
5.5 May 26

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve

CVE-2017-8539 MEDIUM
5.5 May 26

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve

CVE-2021-42298 HIGH
7.8 Nov 10

Microsoft Defender Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authent

CVE-2021-34471 HIGH
7.8 Aug 12

Microsoft Windows Defender Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l

CVE-2021-34464 HIGH
7.8 Jul 16

Microsoft Defender Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authent

CVE-2021-34522 HIGH
7.8 Jul 14

Microsoft Defender Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authent

Share

CVE-2022-37971 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy