Microsoft Defender for IoT Elevation of Privilege... · CVE-2024-38089 · GitHub Advisory Database · GitHub

Microsoft Defender for IoT Elevation of Privilege...

Critical severity Unreviewed Published Jul 9, 2024 to the GitHub Advisory Database

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

Microsoft Defender for IoT Elevation of Privilege Vulnerability

References

Published by the National Vulnerability Database

Jul 9, 2024

Published to the GitHub Advisory Database Jul 9, 2024

Severity

Critical

9.1

/ 10

CVSS base metrics

Attack vector

Network

Attack complexity

Low

Privileges required

High

User interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H