Microsoft Defender For Endpoint vulnerabilities

CVE-2025-59497 [MEDIUM] CWE-367 CVE-2025-59497: Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authoriz Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.

CVE-2025-47161 [HIGH] CWE-284 CVE-2025-47161: Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.

CVE-2025-26684 [MEDIUM] CWE-73 CVE-2025-26684: External control of file name or path in Microsoft Defender for Endpoint allows an authorized attack External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.

CVE-2024-49057 [HIGH] CWE-20 CVE-2024-49057: Microsoft Defender for Endpoint on Android Spoofing Vulnerability Microsoft Defender for Endpoint on Android Spoofing Vulnerability

CVE-2024-43614 [MEDIUM] CWE-23 CVE-2024-43614: Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally.

CVE-2024-21315 [HIGH] CWE-20 CVE-2024-21315: Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability