Skip to main content

Defender For Endpoint CVE-2024-21315

HIGH
Improper Input Validation (CWE-20)
2024-02-13 secure@microsoft.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Feb 13, 2024 - 18:15 nvd
HIGH 7.8

DescriptionNVD

Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability

AnalysisAI

Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-20. Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability Affected products include: Microsoft Defender For Endpoint.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2026-21537 HIGH
8.8 Feb 10

Microsoft Defender for Endpoint on Linux contains a code injection vulnerability that enables adjacent network attackers

CVE-2024-49057 HIGH
8.1 Dec 12

Microsoft Defender for Endpoint on Android Spoofing Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is

CVE-2022-35828 HIGH
7.8 Sep 13

Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulne

CVE-2026-45647 HIGH
7.0 Jun 09

Local privilege escalation in Microsoft Defender for Endpoint for Mac (versions 101.0.0 through 101.26042.0010) allows a

CVE-2025-26684 MEDIUM
6.7 May 13

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privil

CVE-2024-49071 MEDIUM
6.5 Dec 12

Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender al

CVE-2022-33637 MEDIUM
6.5 Jul 12

Microsoft Defender for Endpoint Tampering Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotel

CVE-2022-23278 MEDIUM
5.9 Mar 09

Microsoft Defender for Endpoint Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely

CVE-2024-43614 MEDIUM
5.5 Oct 08

Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally. Ra

CVE-2025-47161 HIGH POC
7.8 May 15

Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.

Share

CVE-2024-21315 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy