Microsoft Defender for Endpoint Spoofing Vulnerability
CVE-2022-23278

5.9MEDIUM

Key Information:

Vendor
Microsoft
Status
Microsoft Defender For Endpoint For Linux
Microsoft Defender For Endpoint For Mac
Microsoft Defender For Endpoint For Android
Microsoft Defender For Endpoint For iOS
Vendor
CVE Published:
9 March 2022

Summary

Microsoft Defender for Endpoint Spoofing Vulnerability

Affected Version(s)

Microsoft Defender for Endpoint EDR sensor Windows Server 2016 1.0.0.0 < 10.8047.22439

Microsoft Defender for Endpoint for Android Unknown 1.0.0.0 < 1.0.3011.0302

Microsoft Defender for Endpoint for iOS Unknown 1.0.0.0 < 1.1.18090109

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.