Microsoft Malware Protection Engine vulnerabilities
23 known vulnerabilities affecting microsoft/malware_protection_engine.
Total CVEs
23
CISA KEV
1
actively exploited
Public exploits
4
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH14MEDIUM8
Vulnerabilities
Page 1 of 2
CVE-2023-33156HIGHCVSS 7.0fixed in 1.1.23050.32023-07-11
CVE-2023-33156 [MEDIUM] CWE-367 CVE-2023-33156: Microsoft Defender Elevation of Privilege Vulnerability
Microsoft Defender Elevation of Privilege Vulnerability
nvd
CVE-2023-24860HIGHCVSS 7.5fixed in 1.1.20200.42023-04-11
CVE-2023-24860 [HIGH] CWE-400 CVE-2023-24860: Microsoft Defender Denial of Service Vulnerability
Microsoft Defender Denial of Service Vulnerability
nvd
CVE-2023-23389MEDIUMCVSS 6.3v1.1.20000.22023-03-14
CVE-2023-23389 [MEDIUM] CWE-367 CVE-2023-23389: Microsoft Defender Elevation of Privilege Vulnerability
Microsoft Defender Elevation of Privilege Vulnerability
nvd
CVE-2022-37971HIGHCVSS 7.1fixed in 1.1.19700.22022-10-11
CVE-2022-37971 [HIGH] CVE-2022-37971: Microsoft Windows Defender Elevation of Privilege Vulnerability
Microsoft Windows Defender Elevation of Privilege Vulnerability
nvd
CVE-2022-24548MEDIUMCVSS 5.5fixed in 1.1.19100.52022-04-15
CVE-2022-24548 [MEDIUM] CVE-2022-24548: Microsoft Defender Denial of Service Vulnerability
Microsoft Defender Denial of Service Vulnerability
nvd
CVE-2021-42298HIGHCVSS 7.8fixed in 1.1.18700.32021-11-10
CVE-2021-42298 [HIGH] CWE-94 CVE-2021-42298: Microsoft Defender Remote Code Execution Vulnerability
Microsoft Defender Remote Code Execution Vulnerability
nvd
CVE-2021-34471HIGHCVSS 7.8fixed in 1.1.18400.42021-08-12
CVE-2021-34471 [HIGH] CWE-269 CVE-2021-34471: Microsoft Windows Defender Elevation of Privilege Vulnerability
Microsoft Windows Defender Elevation of Privilege Vulnerability
nvd
CVE-2021-34522HIGHCVSS 7.8fixed in 1.1.18242.02021-07-14
CVE-2021-34522 [HIGH] CVE-2021-34522: Microsoft Defender Remote Code Execution Vulnerability
Microsoft Defender Remote Code Execution Vulnerability
nvd
CVE-2021-31985HIGHCVSS 8.8fixed in 1.1.18200.32021-06-08
CVE-2021-31985 [HIGH] CVE-2021-31985: Microsoft Defender Remote Code Execution Vulnerability
Microsoft Defender Remote Code Execution Vulnerability
nvd
CVE-2021-31978MEDIUMCVSS 5.5fixed in 1.1.18200.32021-06-08
CVE-2021-31978 [MEDIUM] CVE-2021-31978: Microsoft Defender Denial of Service Vulnerability
Microsoft Defender Denial of Service Vulnerability
nvd
CVE-2017-11940HIGHCVSS 7.8≤ 1.1.14306.02017-12-08
CVE-2017-11940 [HIGH] CVE-2017-11940: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Win
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution
nvd
CVE-2017-11937HIGHCVSS 7.8≤ 1.1.14306.02017-12-07
CVE-2017-11937 [HIGH] CWE-119 CVE-2017-11937: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Win
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code e
nvd
CVE-2017-8540HIGHCVSS 7.8KEVPoC≥ 1.1.13701.0, < 1.1.13704.02017-05-26
CVE-2017-8540 [HIGH] CVE-2017-8540: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Mic
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially cra
nvd
CVE-2017-8541HIGHCVSS 7.8PoC≤ 1.1.13704.02017-05-26
CVE-2017-8541 [HIGH] CVE-2017-8541: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Mic
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially cra
nvd
CVE-2017-8538HIGHCVSS 7.8PoC≤ 1.1.13704.02017-05-26
CVE-2017-8538 [HIGH] CWE-119 CVE-2017-8538: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Mic
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a speci
nvd
CVE-2017-8542MEDIUMCVSS 5.5≤ 1.1.13704.02017-05-26
CVE-2017-8542 [MEDIUM] CVE-2017-8542: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Mic
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially c
nvd
CVE-2017-8539MEDIUMCVSS 5.5≤ 1.1.13704.02017-05-26
CVE-2017-8539 [MEDIUM] CVE-2017-8539: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Mic
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially c
nvd
CVE-2017-0290HIGHCVSS 7.8PoC≤ 1.1.13701.02017-05-09
CVE-2017-0290 [HIGH] CWE-119 CVE-2017-0290: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Mic
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corrup
nvd
CVE-2014-2779MEDIUMCVSS 4.3≤ 1.1.10600.02014-06-18
CVE-2014-2779 [MEDIUM] CWE-20 CVE-2014-2779: mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 allows remote attackers to ca
mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 allows remote attackers to cause a denial of service (system hang) via a crafted file.
nvd
CVE-2013-1346CRITICALCVSS 9.3≤ 1.1.9402.02013-05-15
CVE-2013-1346 [CRITICAL] CWE-119 CVE-2013-1346: mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote
mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
nvd
1 / 2Next →