Microsoft Windows Defender Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-08-08
Updated
2023-08-11
Microsoft Windows Defender Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-11-14
Updated
2023-11-20
Microsoft Defender Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-02-25
Updated
2023-12-29

CVE-2021-1647

Known exploited
Microsoft Defender Remote Code Execution Vulnerability
Max CVSS
7.8
EPSS Score
17.10%
Published
2021-01-12
Updated
2023-12-29
CISA KEV Added
2021-11-03
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.
Max CVSS
7.1
EPSS Score
0.04%
Published
2020-07-14
Updated
2021-07-21
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1163.
Max CVSS
7.8
EPSS Score
0.08%
Published
2020-06-09
Updated
2021-07-21
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1170.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-06-09
Updated
2021-07-21
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.
Max CVSS
7.1
EPSS Score
0.04%
Published
2020-04-15
Updated
2021-09-09
An elevation of privilege vulnerability exists when Windows Defender antimalware platform improperly handles hard links, aka 'Windows Defender Antimalware Platform Hard Link Elevation of Privilege Vulnerability'.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-04-15
Updated
2021-07-21
A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.
Max CVSS
7.5
EPSS Score
0.20%
Published
2019-09-23
Updated
2021-09-09
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.
Max CVSS
7.1
EPSS Score
0.04%
Published
2019-08-14
Updated
2021-09-09
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.
Max CVSS
9.3
EPSS Score
96.12%
Published
2018-04-04
Updated
2021-09-09
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703 does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability".
Max CVSS
9.3
EPSS Score
5.88%
Published
2017-06-29
Updated
2019-10-03
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8540.
Max CVSS
9.3
EPSS Score
87.79%
Published
2017-05-26
Updated
2017-08-13

CVE-2017-8540

Known exploited
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8541.
Max CVSS
9.3
EPSS Score
96.30%
Published
2017-05-26
Updated
2017-08-13
CISA KEV Added
2022-03-03
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8540 and CVE-2017-8541.
Max CVSS
9.3
EPSS Score
22.03%
Published
2017-05-26
Updated
2017-08-13
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
94.24%
Published
2017-05-09
Updated
2019-05-08
The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka "Microsoft Antimalware Improper Pathname Vulnerability."
Max CVSS
7.2
EPSS Score
0.04%
Published
2013-04-09
Updated
2018-10-12
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.
Max CVSS
7.2
EPSS Score
0.05%
Published
2011-02-25
Updated
2017-08-17
Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, and Forefront Security, allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file.
Max CVSS
9.3
EPSS Score
58.60%
Published
2007-02-13
Updated
2018-10-12
20 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!