CVE-2024-21322: Microsoft Defender for IoT Remote Code Execution Vulnerability

Overview

Severity

High (CVSS 7.2)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Remote Code Execution

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2024-Apr

Released

2024-04-09

Last Updated

2024-04-11

EPSS Score

0.77% (percentile: 73.6%)

FAQ

According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires the attacker to be an administrator of the web application. As is best practice, regular validation and audits of administrative groups should be conducted. What actions do customers need to take to protect themselves from this vulnerability? Customers need to update their Defender for IoT software to version 24.1.3 or above. For more information, see OT monitoring software versions.

Affected Products (1)

System Center

• Microsoft Defender for IoT

Security Updates (1)

• Release Notes

Acknowledgments

<a href="https://www.siemens-energy.com/">Siemens Energy</a>

Revision History

• 2024-04-09: Information published.
• 2024-04-11: Added FAQ information. This is an informational change only.