cbcvebase.
CVE-2022-23278
published 2022-03-09

CVE-2022-23278: Microsoft Defender for Endpoint Spoofing Vulnerability

PriorityP430medium5.9CVSS 3.1
AVNACHPRNUINSUCNIHAN
EPSS
1.83%
76.2th percentile
Microsoft Defender for Endpoint Spoofing Vulnerability

Affected

8 ranges
VendorProductVersion rangeFixed in
microsoftdefender_for_endpoint_edr_sensor< 10.8047.22439.105610.8047.22439.1056
microsoftmicrosoft_defender_for_endpoint_edr_sensor>= 1.0.0.0 < 10.8047.2243910.8047.22439
microsoftmicrosoft_defender_for_endpoint_for_android>= 1.0.0.0 < 1.0.3011.03021.0.3011.0302
microsoftmicrosoft_defender_for_endpoint_for_ios>= 1.0.0.0 < 1.1.180901091.1.18090109
microsoftmicrosoft_defender_for_endpoint_for_linux>= 101.0.0 < 101.60.93101.60.93
microsoftmicrosoft_defender_for_endpoint_for_mac>= 101.0.0 < 101.60.91101.60.91
microsoftmicrosoft_defender_for_endpoint_for_windows>= 1.0.0.0 < 10.0.19042.158610.0.19042.1586
msrcmicrosoft_defender

CVSS provenance

nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_msrc5.9MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.