Microsoft Defender for Endpoint on Android Spoofing Vulnerability
CVE-2024-49057

8.1HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Defender For Endpoint For Android
Vendor: CVE Published:; 12 December 2024

Summary

A spoofing vulnerability has been identified in Microsoft Defender for Endpoint on Android, affecting the security posture of the affected devices. This flaw allows an attacker to impersonate legitimate users, potentially leading to unauthorized access and security breaches. Users of Microsoft Defender for Endpoint on Android are strongly advised to apply security updates and patches as they become available to mitigate this risk.

Affected Version(s)

Microsoft Defender for Endpoint for Android Unknown 1.0.0.0 < 1.0.7128.0101

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2024
Vulnerability Reserved
Oct 11, 2024

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed