CVE-2022-24465: Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability

Overview

Severity

Low (CVSS 3.3)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

Category

Security Feature Bypass

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2022-Mar

Released

2022-03-08

EPSS Score

0.47% (percentile: 64.7%)

FAQ

What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker could potentially bypass the Intune policy file save location.

Affected Products (1)

Apps

• Intune Company Portal for iOS

Security Updates (1)

• Release Notes

Acknowledgments

Anonymous

Revision History

• 2022-03-08: Information published.