Описание
Windows App Installer Spoofing Vulnerability
Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network.
FAQ
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Exploitation requires the attacker to first gain the ability to intercept or influence update‑related network communications. This depends on environment‑specific conditions and preparatory actions that are outside the attacker’s direct control, making the exploit difficult to perform reliably.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows App Client for Windows Desktop |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network.
Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network.
Уязвимость клиента удаленного рабочего стола Windows App Client (ранее - Remote Desktop Client), связанная с недостаточной проверкой подлинности данных, позволяющая нарушителю проводить спуфинг-атаки
EPSS
5.9 Medium
CVSS3