Defender For Endpoint
Monthly
Microsoft Defender for Endpoint on Linux contains a code injection vulnerability that enables adjacent network attackers to execute arbitrary code without authentication. The flaw affects multiple platforms and carries high severity (CVSS 8.8) with no patch currently available. An attacker on the local network could achieve complete system compromise through this unauthenticated attack vector.
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Microsoft Defender for Endpoint on Linux contains a code injection vulnerability that enables adjacent network attackers to execute arbitrary code without authentication. The flaw affects multiple platforms and carries high severity (CVSS 8.8) with no patch currently available. An attacker on the local network could achieve complete system compromise through this unauthenticated attack vector.
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.