Vulnerability-Lookup

CVE-2022-37971 (GCVE-0-2022-37971)

Vulnerability from cvelistv5 – Published: 2022-10-11 00:00 – Updated: 2025-01-02 21:27

Title

Microsoft Windows Defender Elevation of Privilege Vulnerability

Summary

Microsoft Windows Defender Elevation of Privilege Vulnerability

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C

CWE

Elevation of Privilege

Assigner

microsoft

References

URL

Tags

https://msrc.microsoft.com/update-guide/vulnerabi…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Microsoft	Microsoft Malware Protection Engine	Affected: 1.1.0.0 , < 1.1.19700.2 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:37:42.630Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.withsecure.com/en/support/security-advisories/cve-2022-37971"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Malware Protection Engine",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "1.1.19700.2",
              "status": "affected",
              "version": "1.1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "1.1.19700.2",
                  "versionStartIncluding": "1.1.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2022-10-11T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-02T21:27:05.476Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft Windows Defender Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37971"
        }
      ],
      "title": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2022-37971",
    "datePublished": "2022-10-11T00:00:00",
    "dateReserved": "2022-08-08T00:00:00",
    "dateUpdated": "2025-01-02T21:27:05.476Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2023-AVI-0633

Vulnerability from certfr_avis - Published: 2023-08-08 - Updated: 2023-08-08

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

SICAM TOOLBOX II versions antérieures à 07.10
Périphériques RUGGEDCOM ROS versions antérieures à 4.3.8
Solid Edge SE2023 versions antérieures à 223.0 Update 7
RUGGEDCOM CROSSBOW versions antérieures à 5.4
Parasolid versions 34.1.x antérieures à 34.1.258
Parasolid versions 35.0.x antérieures à 35.0.254
Parasolid versions 35.1.x antérieures à 35.1.197
Teamcenter Visualization versions 14.1.x, se référer à l'avis éditeur pour plus d'information sur les mesures de contournement
Teamcenter Visualization versions 14.2.x antérieures à 14.2.0.6
Teamcenter Visualization versions 14.3.x, se référer à l'avis éditeur pour plus d'information sur les mesures de contournement
SIMATIC contrôleur de disque CPU 1504D versions antérieures à 3.0.3
SIMATIC contrôleur de disque CPU 1507D versions antérieures à 3.0.3
SIMATIC ET toutes versions
SIMATIC IPC toutes versions
SIMATIC S7 versions antérieures à 3.0.3
SIPLUS ET versions antérieures à 3.3.19
SIPLUS S7 versions antérieures à 3.0.3
Siemens Software Center versions antérieures à 3.0
APOGEE PXC Compact versions antérieures à 3.5.5
APOGEE PXC Compact (P2 Ethernet) versions antérieures à 2.8.20
APOGEE PXC Modular (BACnet) versions antérieures à 3.5.5
APOGEE PXC Modular (P2 Ethernet) versions antérieures à 2.8.20
TALON TC Compact versions antérieures à 3.5.5
TALON TC Modular (BACnet) versions antérieures à 3.5.5
JT2Go versions antérieures à 14.2.0.5
Solid Edge SE2022 versions antérieures à 222.0 Update 13
Solid Edge SE2023 versions antérieures à 223.0 Update 4
Teamcenter Visualization versions 13.2.x antérieures à 13.2.0.15
Teamcenter Visualization versions 13.3.x antérieures à 13.3.0.11
Teamcenter Visualization versions 14.1.x antérieures à 14.1.0.11
Teamcenter Visualization versions 14.2.x antérieures à 14.2.0.5
Parasolid versions 35.0.x sans la procédure de réinstallation
Parasolid versions 35.1.x sans la procédure de réinstallation
JT Open versions antérieures à 11.4
JT Utilities versions antérieures à 13.4
Parasolid versions 34.0.x antérieures à 34.0.253
Parasolid versions 34.1.x antérieures à 34.1.243
Parasolid versions 35.0.x antérieures à 35.0.177
Parasolid versions 35.1.x antérieures à 35.1.073

L'éditeur ne propose pas de correctif pour certains produits RUGGEDCOM ROS, SIMATIC ou SIPLUS, se référer aux avis pour obtenir plus d'informations sur les mesures de contournement.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-472630 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-264815 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-770902 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-975961 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-908185 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-131450 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-407785 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-180579 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-811403 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-264814 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-116172 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-188491 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-001569 du 8 août 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eSICAM TOOLBOX II versions ant\u00e9rieures \u00e0 07.10\u003c/li\u003e \u003cli\u003eP\u00e9riph\u00e9riques RUGGEDCOM ROS versions ant\u00e9rieures \u00e0 4.3.8\u003c/li\u003e \u003cli\u003eSolid Edge SE2023 versions ant\u00e9rieures \u00e0 223.0 Update 7\u003c/li\u003e \u003cli\u003eRUGGEDCOM CROSSBOW versions ant\u00e9rieures \u00e0 5.4\u003c/li\u003e \u003cli\u003eParasolid versions 34.1.x ant\u00e9rieures \u00e0 34.1.258\u003c/li\u003e \u003cli\u003eParasolid versions 35.0.x ant\u00e9rieures \u00e0 35.0.254\u003c/li\u003e \u003cli\u003eParasolid versions 35.1.x ant\u00e9rieures \u00e0 35.1.197\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.1.x, se r\u00e9f\u00e9rer \u00e0 l\u0027avis \u00e9diteur pour plus d\u0027information sur les mesures de contournement\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.2.x ant\u00e9rieures \u00e0 14.2.0.6\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.3.x, se r\u00e9f\u00e9rer \u00e0 l\u0027avis \u00e9diteur pour plus d\u0027information sur les mesures de contournement\u003c/li\u003e \u003cli\u003eSIMATIC contr\u00f4leur de disque CPU 1504D versions ant\u00e9rieures \u00e0 3.0.3\u003c/li\u003e \u003cli\u003eSIMATIC contr\u00f4leur de disque CPU 1507D versions ant\u00e9rieures \u00e0 3.0.3\u003c/li\u003e \u003cli\u003eSIMATIC ET toutes versions\u003c/li\u003e \u003cli\u003eSIMATIC IPC toutes versions\u003c/li\u003e \u003cli\u003eSIMATIC S7 versions ant\u00e9rieures \u00e0 3.0.3\u003c/li\u003e \u003cli\u003eSIPLUS ET versions ant\u00e9rieures \u00e0 3.3.19\u003c/li\u003e \u003cli\u003eSIPLUS S7 versions ant\u00e9rieures \u00e0 3.0.3\u003c/li\u003e \u003cli\u003eSiemens Software Center versions ant\u00e9rieures \u00e0 3.0\u003c/li\u003e \u003cli\u003eAPOGEE PXC Compact versions ant\u00e9rieures \u00e0 3.5.5\u003c/li\u003e \u003cli\u003eAPOGEE PXC Compact (P2 Ethernet) versions ant\u00e9rieures \u00e0 2.8.20\u003c/li\u003e \u003cli\u003eAPOGEE PXC Modular (BACnet) versions ant\u00e9rieures \u00e0 3.5.5\u003c/li\u003e \u003cli\u003eAPOGEE PXC Modular (P2 Ethernet) versions ant\u00e9rieures \u00e0 2.8.20\u003c/li\u003e \u003cli\u003eTALON TC Compact versions ant\u00e9rieures \u00e0 3.5.5\u003c/li\u003e \u003cli\u003eTALON TC Modular (BACnet) versions ant\u00e9rieures \u00e0 3.5.5\u003c/li\u003e \u003cli\u003eJT2Go versions ant\u00e9rieures \u00e0 14.2.0.5\u003c/li\u003e \u003cli\u003eSolid Edge SE2022 versions ant\u00e9rieures \u00e0 222.0 Update 13\u003c/li\u003e \u003cli\u003eSolid Edge SE2023 versions ant\u00e9rieures \u00e0 223.0 Update 4\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 13.2.x ant\u00e9rieures \u00e0 13.2.0.15\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 13.3.x ant\u00e9rieures \u00e0 13.3.0.11\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.1.x ant\u00e9rieures \u00e0 14.1.0.11\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.2.x ant\u00e9rieures \u00e0 14.2.0.5\u003c/li\u003e \u003cli\u003eParasolid versions 35.0.x sans la proc\u00e9dure de r\u00e9installation\u003c/li\u003e \u003cli\u003eParasolid versions 35.1.x sans la proc\u00e9dure de r\u00e9installation\u003c/li\u003e \u003cli\u003eJT Open versions ant\u00e9rieures \u00e0 11.4\u003c/li\u003e \u003cli\u003eJT Utilities versions ant\u00e9rieures \u00e0 13.4\u003c/li\u003e \u003cli\u003eParasolid versions 34.0.x ant\u00e9rieures \u00e0 34.0.253\u003c/li\u003e \u003cli\u003eParasolid versions 34.1.x ant\u00e9rieures \u00e0 34.1.243\u003c/li\u003e \u003cli\u003eParasolid versions 35.0.x ant\u00e9rieures \u00e0 35.0.177\u003c/li\u003e \u003cli\u003eParasolid versions 35.1.x ant\u00e9rieures \u00e0 35.1.073\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eL\u0027\u00e9diteur ne propose pas de correctif pour certains produits RUGGEDCOM ROS, SIMATIC ou SIPLUS, se r\u00e9f\u00e9rer aux avis pour obtenir plus d\u0027informations sur les mesures de contournement.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-27009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27009"
    },
    {
      "name": "CVE-2022-37971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37971"
    },
    {
      "name": "CVE-2023-27411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27411"
    },
    {
      "name": "CVE-2020-28388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28388"
    },
    {
      "name": "CVE-2023-24845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24845"
    },
    {
      "name": "CVE-2023-39419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39419"
    },
    {
      "name": "CVE-2023-39183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39183"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2020-27736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27736"
    },
    {
      "name": "CVE-2023-39269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39269"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2023-38526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38526"
    },
    {
      "name": "CVE-2023-38641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38641"
    },
    {
      "name": "CVE-2023-39187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39187"
    },
    {
      "name": "CVE-2023-39188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39188"
    },
    {
      "name": "CVE-2020-15795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15795"
    },
    {
      "name": "CVE-2023-39185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39185"
    },
    {
      "name": "CVE-2022-39062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39062"
    },
    {
      "name": "CVE-2023-28830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28830"
    },
    {
      "name": "CVE-2023-38531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38531"
    },
    {
      "name": "CVE-2023-38524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38524"
    },
    {
      "name": "CVE-2023-39186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39186"
    },
    {
      "name": "CVE-2023-37372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37372"
    },
    {
      "name": "CVE-2021-41544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41544"
    },
    {
      "name": "CVE-2022-25634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25634"
    },
    {
      "name": "CVE-2023-39182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39182"
    },
    {
      "name": "CVE-2021-31239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
    },
    {
      "name": "CVE-2023-37373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37373"
    },
    {
      "name": "CVE-2023-39184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39184"
    },
    {
      "name": "CVE-2023-38525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38525"
    },
    {
      "name": "CVE-2020-27738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27738"
    },
    {
      "name": "CVE-2023-30795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30795"
    },
    {
      "name": "CVE-2023-38530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38530"
    },
    {
      "name": "CVE-2023-38527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38527"
    },
    {
      "name": "CVE-2022-45937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45937"
    },
    {
      "name": "CVE-2023-37378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37378"
    },
    {
      "name": "CVE-2023-38528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38528"
    },
    {
      "name": "CVE-2023-39181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39181"
    },
    {
      "name": "CVE-2023-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4304"
    },
    {
      "name": "CVE-2023-38682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38682"
    },
    {
      "name": "CVE-2023-38532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38532"
    },
    {
      "name": "CVE-2023-30796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30796"
    },
    {
      "name": "CVE-2023-38529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38529"
    },
    {
      "name": "CVE-2023-38683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38683"
    },
    {
      "name": "CVE-2020-27737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27737"
    },
    {
      "name": "CVE-2021-25677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25677"
    }
  ],
  "initial_release_date": "2023-08-08T00:00:00",
  "last_revision_date": "2023-08-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0633",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-08-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-472630 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-472630.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-264815 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-264815.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-770902 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-770902.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-975961 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-975961.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-908185 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-908185.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-131450 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-131450.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-407785 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-407785.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-180579 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-180579.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-811403 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-811403.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-264814 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-264814.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-116172 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-116172.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-188491 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-188491.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-001569 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-001569.html"
    }
  ]
}

CERTFR-2022-AVI-910

Vulnerability from certfr_avis - Published: 2022-10-12 - Updated: 2022-10-12

De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une usurpation d'identité, une exécution de code à distance, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.0
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.3
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.2
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft	N/A	Microsoft Malware Protection Engine
Microsoft	N/A	Visual Studio Code
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour systèmes 32 bits
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour 64 bits Systems
Microsoft	N/A	Visual Studio 2022 pour Mac version 17.3
Microsoft	N/A	Jupyter Extension pour Visual Studio Code

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-41032 du 11 octobre 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-41034 du 11 octobre 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-41031 du 11 octobre 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-38049 du 11 octobre 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-38001 du 11 octobre 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-38048 du 11 octobre 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-41042 du 11 octobre 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-41083 du 11 octobre 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-37971 du 11 octobre 2022	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Visual Studio 2022 version 17.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2022 version 17.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2022 version 17.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Malware Protection Engine",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Visual Studio Code",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour 64 bits Systems",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Visual Studio 2022 pour Mac version 17.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Jupyter Extension pour Visual Studio Code",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-37971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37971"
    },
    {
      "name": "CVE-2022-41042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41042"
    },
    {
      "name": "CVE-2022-38049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38049"
    },
    {
      "name": "CVE-2022-38001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38001"
    },
    {
      "name": "CVE-2022-41034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41034"
    },
    {
      "name": "CVE-2022-41031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41031"
    },
    {
      "name": "CVE-2022-38048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38048"
    },
    {
      "name": "CVE-2022-41032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41032"
    },
    {
      "name": "CVE-2022-41083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41083"
    }
  ],
  "initial_release_date": "2022-10-12T00:00:00",
  "last_revision_date": "2022-10-12T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-41032 du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41032"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-41034 du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41034"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-41031 du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41031"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-38049 du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38049"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-38001 du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38001"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-38048 du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38048"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-41042 du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41042"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-41083 du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41083"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-37971 du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37971"
    }
  ],
  "reference": "CERTFR-2022-AVI-910",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-10-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une usurpation d\u0027identit\u00e9, une ex\u00e9cution de code\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 11 octobre 2022",
      "url": "https://msrc.microsoft.com/update-guide/"
    }
  ]
}

CERTFR-2023-AVI-0044

Vulnerability from certfr_avis - Published: 2023-01-20 - Updated: 2023-01-20

De multiples vulnérabilités ont été découvertes dans les produits WithSecure. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
WithSecure	N/A	F-Secure Linux Security (32-bit et 64-bit) sans les derniers correctifs de sécurité automatisés du 16 janvier 2023
WithSecure	N/A	Tous les produits WithSecure sur Windows et Mac sans les derniers correctifs de sécurité automatisés du 16 janvier 2023
WithSecure	N/A	F-Secure Atlant sans les derniers correctifs de sécurité automatisés du 16 janvier 2023
WithSecure	N/A	F-Secure Internet Gatekeeper sans les derniers correctifs de sécurité automatisés du 16 janvier 2023

References

Title

Publication Time

Tags

Bulletin de sécurité WithSecure cve-2023-xxxx du 19 janvier 2023	None	vendor-advisory
Bulletin de sécurité WithSecure cve-2022-37971 du 19 janvier 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "F-Secure Linux Security (32-bit et 64-bit) sans les derniers correctifs de s\u00e9curit\u00e9 automatis\u00e9s du 16 janvier 2023",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "WithSecure",
          "scada": false
        }
      }
    },
    {
      "description": "Tous les produits WithSecure sur Windows et Mac sans les derniers correctifs de s\u00e9curit\u00e9 automatis\u00e9s du 16 janvier 2023",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "WithSecure",
          "scada": false
        }
      }
    },
    {
      "description": "F-Secure Atlant sans les derniers correctifs de s\u00e9curit\u00e9 automatis\u00e9s du 16 janvier 2023",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "WithSecure",
          "scada": false
        }
      }
    },
    {
      "description": "F-Secure Internet Gatekeeper sans les derniers correctifs de s\u00e9curit\u00e9 automatis\u00e9s du 16 janvier 2023",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "WithSecure",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-37971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37971"
    }
  ],
  "initial_release_date": "2023-01-20T00:00:00",
  "last_revision_date": "2023-01-20T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0044",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-01-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nWithSecure. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de\nservice \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits WithSecure",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 WithSecure cve-2023-xxxx du 19 janvier 2023",
      "url": "https://www.withsecure.com/en/support/security-advisories/cve-2023-xxxx"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 WithSecure cve-2022-37971 du 19 janvier 2023",
      "url": "https://www.withsecure.com/en/support/security-advisories/cve-2022-37971"
    }
  ]
}

CVE-2022-37971

Vulnerability from fstec - Published: 11.10.2022

Title

Уязвимость антивирусного ядра Microsoft Malware Protection Engine (MPE), связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привилегии

Description

Уязвимость антивирусного ядра Microsoft Malware Protection Engine (MPE) связана с недостатками разграничения доступа. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Vendor

Microsoft Corp

Software Name

Microsoft Malware Protection Engine

Software Version

до 1.1.19700.2 (Microsoft Malware Protection Engine)

Possible Mitigations

Использование рекомендаций: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971

Reference

https://nvd.nist.gov/vuln/detail/CVE-2022-37971 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971

CWE

CWE-269

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 1.1.19700.2 (Microsoft Malware Protection Engine)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.10.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.11.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.11.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-07001",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-37971",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Microsoft Malware Protection Engine",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0433\u043e \u044f\u0434\u0440\u0430 Microsoft Malware Protection Engine (MPE), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 (CWE-269)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0433\u043e \u044f\u0434\u0440\u0430 Microsoft Malware Protection Engine (MPE) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2022-37971\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-269",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)"
}

GHSA-GQJ6-QXWH-7F6P

Vulnerability from github – Published: 2022-10-12 12:00 – Updated: 2025-01-03 00:31

Details

Microsoft Windows Defender Elevation of Privilege Vulnerability.

Severity ?

7.1 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-37971"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-11T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Windows Defender Elevation of Privilege Vulnerability.",
  "id": "GHSA-gqj6-qxwh-7f6p",
  "modified": "2025-01-03T00:31:05Z",
  "published": "2022-10-12T12:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37971"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37971"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971"
    },
    {
      "type": "WEB",
      "url": "https://www.withsecure.com/en/support/security-advisories/cve-2022-37971"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-37971

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Microsoft Windows Defender Elevation of Privilege Vulnerability.

Aliases

CVE-2022-37971

Aliases

CVE-2022-37971

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-37971",
    "description": "Microsoft Windows Defender Elevation of Privilege Vulnerability.",
    "id": "GSD-2022-37971"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-37971"
      ],
      "details": "Microsoft Windows Defender Elevation of Privilege Vulnerability.",
      "id": "GSD-2022-37971",
      "modified": "2023-12-13T01:19:13.872060Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2022-37971",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Microsoft Malware Protection Engine",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.1.0.0",
                          "version_value": "1.1.19700.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Microsoft"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Elevation of Privilege"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971",
            "refsource": "MISC",
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971"
          },
          {
            "name": "https://www.withsecure.com/en/support/security-advisories/cve-2022-37971",
            "refsource": "MISC",
            "url": "https://www.withsecure.com/en/support/security-advisories/cve-2022-37971"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "02E573E5-FEDE-4274-A8B8-D17CC2BB7A93",
                    "versionEndExcluding": "1.1.19700.2",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
          },
          {
            "lang": "es",
            "value": "Una Vulnerabilidad de Elevaci\u00f3n de Privilegios de Microsoft Windows Defender"
          }
        ],
        "id": "CVE-2022-37971",
        "lastModified": "2023-12-20T20:15:11.473",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 5.2,
              "source": "secure@microsoft.com",
              "type": "Primary"
            }
          ]
        },
        "published": "2022-10-11T19:15:12.167",
        "references": [
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971"
          },
          {
            "source": "secure@microsoft.com",
            "url": "https://www.withsecure.com/en/support/security-advisories/cve-2022-37971"
          }
        ],
        "sourceIdentifier": "secure@microsoft.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-noinfo"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

FKIE_CVE-2022-37971

Vulnerability from fkie_nvd - Published: 2022-10-11 19:15 - Updated: 2025-01-02 22:15

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

Microsoft Windows Defender Elevation of Privilege Vulnerability

References

URL	Tags
secure@microsoft.com	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37971
af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.withsecure.com/en/support/security-advisories/cve-2022-37971

Impacted products

	Vendor	Product	Version
	microsoft	malware_protection_engine	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02E573E5-FEDE-4274-A8B8-D17CC2BB7A93",
              "versionEndExcluding": "1.1.19700.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
    },
    {
      "lang": "es",
      "value": "Una Vulnerabilidad de Elevaci\u00f3n de Privilegios de Microsoft Windows Defender"
    }
  ],
  "id": "CVE-2022-37971",
  "lastModified": "2025-01-02T22:15:10.393",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "secure@microsoft.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-10-11T19:15:12.167",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.withsecure.com/en/support/security-advisories/cve-2022-37971"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-37971 (GCVE-0-2022-37971)

CERTFR-2023-AVI-0633

Solution

CERTFR-2022-AVI-910

Solution

CERTFR-2023-AVI-0044

Solution

CVE-2022-37971

GHSA-GQJ6-QXWH-7F6P

GSD-2022-37971

FKIE_CVE-2022-37971

Tags

Sightings

Nomenclature