Описание
Microsoft Defender for IoT Remote Code Execution Vulnerability
FAQ
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires the attacker to be able to send a malicious update package to the Defender for IoT sensor over the network. To do this, the attacker would first need to authenticate themselves and gain the necessary permissions to initiate the update process.
How could an attacker exploit this vulnerability?
Successful exploitation of this path traversal vulnerability would require an attacker to have user credentials on the targeted machine and then send a tar file to the Defender for IoT sensor. After the extraction process completed, the attacker could then send unsigned update packages and overwrite any file they chose.
What actions do customers need to take to protect themselves from this vulnerability?
Customers need to update their Defender for IoT software to version 24.1.3 or above. For more information, see OT monitoring software versions.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Defender for IoT |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
8.8 High
CVSS3
Связанные уязвимости
Microsoft Defender for IoT Remote Code Execution Vulnerability
Microsoft Defender for IoT Remote Code Execution Vulnerability
Уязвимость комплекса средств по обнаружению угроз для сред Интернета вещей Microsoft Defender for IoT, связанная с неверным ограничением имени пути к каталогу, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3