Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2023-23379
7.8HIGH
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 14 February 2023
What is CVE-2023-23379?
An elevation of privilege vulnerability exists in Microsoft Defender for IoT, which could allow an attacker to gain unauthorized access and execute arbitrary code within the context of the application. This flaw poses a significant risk to the integrity and confidentiality of the connected devices managed by the Defender, emphasizing the need for prompt patch management and system monitoring.
Affected Version(s)
Microsoft Defender for IoT Unknown 22.0.0 < 22.3.6