cvelistv5 - CVE-2022-24548

CVE-2022-24548 (GCVE-0-2022-24548)

Vulnerability from cvelistv5

Published

2022-04-15 19:04

Modified

2025-01-02 18:51

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

CWE

Denial of Service

Summary

Microsoft Defender Denial of Service Vulnerability

References

URL

	Vendor	Product	Version
	Microsoft	Microsoft Malware Protection Engine	Version: 1.1.0.0 < 1.1.19100.5

gsd-2022-24548

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Microsoft Defender Denial of Service Vulnerability

Aliases

CVE-2022-24548

Aliases

CVE-2022-24548

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-24548",
    "description": "Microsoft Defender Denial of Service Vulnerability.",
    "id": "GSD-2022-24548"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-24548"
      ],
      "details": "Microsoft Defender Denial of Service Vulnerability",
      "id": "GSD-2022-24548",
      "modified": "2023-12-13T01:19:42.632385Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2022-24548",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Microsoft Malware Protection Engine",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.1.0.0",
                          "version_value": "1.1.19100.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Microsoft"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Microsoft Defender Denial of Service Vulnerability"
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548",
            "refsource": "MISC",
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.1.19100.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2022-24548"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Microsoft Defender Denial of Service Vulnerability"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548",
              "refsource": "MISC",
              "tags": [],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-06-29T01:15Z",
      "publishedDate": "2022-04-15T19:15Z"
    }
  }
}

cnvd-2022-71972

Vulnerability from cnvd

Title

Microsoft Windows Defender拒绝服务漏洞

Description

Microsoft Windows Defender是美国微软（Microsoft）公司的一套Windows系统附带的防病毒软件。 Microsoft Windows Defender存在拒绝服务漏洞。该漏洞源于未对输入的错误消息做正确的处理，攻击者可利用该漏洞造成拒绝服务。

Severity

中

Patch Name

Microsoft Windows Defender拒绝服务漏洞的补丁

Patch Description

Microsoft Windows Defender是美国微软（Microsoft）公司的一套Windows系统附带的防病毒软件。 Microsoft Windows Defender存在拒绝服务漏洞。该漏洞源于未对输入的错误消息做正确的处理，攻击者可利用该漏洞造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548

Reference

https://nvd.nist.gov/vuln/detail/CVE-2022-24548

Impacted products

Name
Microsoft Malware Protection Engine

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-24548",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-24548"
    }
  },
  "description": "Microsoft Windows Defender\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957Windows\u7cfb\u7edf\u9644\u5e26\u7684\u9632\u75c5\u6bd2\u8f6f\u4ef6\u3002\n\nMicrosoft Windows Defender\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u5bf9\u8f93\u5165\u7684\u9519\u8bef\u6d88\u606f\u505a\u6b63\u786e\u7684\u5904\u7406\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-71972",
  "openTime": "2022-10-28",
  "patchDescription": "Microsoft Windows Defender\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957Windows\u7cfb\u7edf\u9644\u5e26\u7684\u9632\u75c5\u6bd2\u8f6f\u4ef6\u3002\r\n\r\nMicrosoft Windows Defender\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u5bf9\u8f93\u5165\u7684\u9519\u8bef\u6d88\u606f\u505a\u6b63\u786e\u7684\u5904\u7406\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows Defender\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Microsoft Malware Protection Engine"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-24548",
  "serverity": "\u4e2d",
  "submitTime": "2022-04-15",
  "title": "Microsoft Windows Defender\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

fkie_cve-2022-24548

Vulnerability from fkie_nvd

Published

2022-04-15 19:15

Modified

2024-11-21 06:50

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Summary

Microsoft Defender Denial of Service Vulnerability

References

	URL	Tags
	secure@microsoft.com	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548
	af854a3a-2127-422b-91ae-364da2661108	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548

Impacted products

	Vendor	Product	Version
	microsoft	malware_protection_engine	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23AF24D-BD3A-41A2-9176-3D34FC0F7439",
              "versionEndExcluding": "1.1.19100.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Defender Denial of Service Vulnerability"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de Denegaci\u00f3n de Servicio de Microsoft Defender"
    }
  ],
  "id": "CVE-2022-24548",
  "lastModified": "2024-11-21T06:50:38.767",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "secure@microsoft.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-04-15T19:15:12.127",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-mj28-hjxw-jmfp

Vulnerability from github

Published

2022-04-16 00:00

Modified

2022-04-16 00:00

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

Microsoft Defender Denial of Service Vulnerability.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-24548"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-15T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Microsoft Defender Denial of Service Vulnerability.",
  "id": "GHSA-mj28-hjxw-jmfp",
  "modified": "2022-04-16T00:00:35Z",
  "published": "2022-04-16T00:00:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24548"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24548"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une usurpation d'identité, une exécution de code à distance, une élévation de privilèges et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Azure	Azure Site Recovery VMWare to Azure
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.0
Microsoft	N/A	Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft	N/A	Skype pour Business Server 2015 CU12
Microsoft	N/A	YARP 1.0
Microsoft	N/A	YARP 1.1RC
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Microsoft	N/A	HEVC Video Extensions
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft	N/A	Skype pour Business Server 2019 CU6
Microsoft	N/A	Microsoft Malware Protection Engine
Microsoft	N/A	Visual Studio 2019 pour Mac version 8.10
Microsoft	N/A	Visual Studio Code
Microsoft	N/A	Microsoft Dynamics 365 (on-premises) version 9.1
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour systèmes 32 bits
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour 64 bits Systems
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.1
Microsoft	N/A	Microsoft On-Premises Data Gateway
Microsoft	N/A	HEVC Video Extension
Microsoft	N/A	Microsoft Lync Server 2013 CU10
Microsoft	N/A	Microsoft Dynamics 365 (on-premises) version 9.0

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 12 avril 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-26911 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-24532 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-26898 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-26924 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-26901 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-23259 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-26896 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-26910 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-24473 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-26897 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-24548 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-24513 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-24767 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-26921 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-24765 du 12 avril 2022	-	other
Bulletin de sécurité Microsoft CVE-2022-23292 du 12 avril 2022	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Azure Site Recovery VMWare to Azure",
      "product": {
        "name": "Azure",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2022 version 17.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Skype pour Business Server 2015 CU12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "YARP 1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "YARP 1.1RC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "HEVC Video Extensions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Skype pour Business Server 2019 CU6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Malware Protection Engine",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Visual Studio 2019 pour Mac version 8.10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Visual Studio Code",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Dynamics 365 (on-premises) version 9.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour 64 bits Systems",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2022 version 17.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft On-Premises Data Gateway",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "HEVC Video Extension",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Lync Server 2013 CU10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Dynamics 365 (on-premises) version 9.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-26896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26896"
    },
    {
      "name": "CVE-2022-24513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24513"
    },
    {
      "name": "CVE-2022-26897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26897"
    },
    {
      "name": "CVE-2022-26910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26910"
    },
    {
      "name": "CVE-2022-24548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24548"
    },
    {
      "name": "CVE-2022-26911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26911"
    },
    {
      "name": "CVE-2022-24765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24765"
    },
    {
      "name": "CVE-2022-24532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24532"
    },
    {
      "name": "CVE-2022-23259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23259"
    },
    {
      "name": "CVE-2022-26898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26898"
    },
    {
      "name": "CVE-2022-24767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24767"
    },
    {
      "name": "CVE-2022-26924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26924"
    },
    {
      "name": "CVE-2022-26921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26921"
    },
    {
      "name": "CVE-2022-24473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24473"
    },
    {
      "name": "CVE-2022-26901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26901"
    },
    {
      "name": "CVE-2022-23292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23292"
    }
  ],
  "initial_release_date": "2022-04-13T00:00:00",
  "last_revision_date": "2022-04-13T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-26911 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26911"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-24532 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24532"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-26898 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26898"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-26924 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26924"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-26901 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26901"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-23259 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23259"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-26896 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26896"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-26910 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26910"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-24473 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24473"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-26897 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26897"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-24548 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-24513 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24513"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-24767 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24767"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-26921 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26921"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-24765 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24765"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-23292 du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23292"
    }
  ],
  "reference": "CERTFR-2022-AVI-337",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es,\nune usurpation d\u0027identit\u00e9, une ex\u00e9cution de code \u00e0 distance, une\n\u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 12 avril 2022",
      "url": "https://msrc.microsoft.com/update-guide/"
    }
  ]
}

msrc_cve-2022-24548

Vulnerability from csaf_microsoft

Published

2022-04-12 08:00

Modified

2022-04-12 08:00

Summary

Microsoft Defender Denial of Service Vulnerability

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Customer Action

Required. The vulnerability documented by this CVE requires customer action to resolve.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Daejin Lee, Seunghoe Kim, Donguk Kim of S2W Inc."
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      },
      {
        "category": "general",
        "text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
        "title": "Customer Action"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2022-24548 Microsoft Defender Denial of Service Vulnerability - HTML",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548"
      },
      {
        "category": "self",
        "summary": "CVE-2022-24548 Microsoft Defender Denial of Service Vulnerability - CSAF",
        "url": "https://msrc.microsoft.com/csaf/2022/msrc_cve-2022-24548.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Exploitability Index",
        "url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Microsoft Defender Denial of Service Vulnerability",
    "tracking": {
      "current_release_date": "2022-04-12T08:00:00.000Z",
      "generator": {
        "date": "2025-01-02T18:51:01.999Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2022-24548",
      "initial_release_date": "2022-04-12T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2022-04-12T08:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c1.1.19100.5",
            "product": {
              "name": "Microsoft Malware Protection Engine \u003c1.1.19100.5",
              "product_id": "1"
            }
          },
          {
            "category": "product_version",
            "name": "1.1.19100.5",
            "product": {
              "name": "Microsoft Malware Protection Engine 1.1.19100.5",
              "product_id": "11902"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Malware Protection Engine"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-24548",
      "notes": [
        {
          "category": "general",
          "text": "Microsoft",
          "title": "Assigning CNA"
        },
        {
          "category": "faq",
          "text": "First version of the Microsoft Malware Protection Engine with this vulnerability addressed: First version of the Microsoft Malware Protection Engine with this vulnerability addressed, Version  1.1.19100.5: Version  1.1.19100.5\nSee Manage Updates Baselines Microsoft Defender Antivirus for more information.\nVulnerability scanners are looking for specific binaries and version numbers on devices. Microsoft Defender files are still on disk even when disabled. Systems that have disabled Microsoft Defender are not in an exploitable state.\nIn response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Microsoft Malware Protection Engine. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner.\nFor enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Microsoft Malware Protection Engine are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating.\nBest practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Microsoft Malware Protection Engine updates and malware definitions, is working as expected in their environment.\nMicrosoft typically releases an update for the Microsoft Malware Protection Engine once a month or as needed to protect against new threats. Microsoft also typically updates the malware definitions three times daily and can increase the frequency when needed.\nDepending on which Microsoft antimalware software is used and how it is configured, the software may search for engine and definition updates every day when connected to the Internet, up to multiple times daily. Customers can also choose to manually check for updates at any time.\nThe Microsoft Malware Protection Engine, mpengine.dll, provides the scanning, detection, and cleaning capabilities for Microsoft antivirus and antispyware software.\nDefender runs on all supported version of Windows.\nYes, Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection, Microsoft System Center 2012 Endpoint Protection and Microsoft Security Essentials.\nYes.\u00a0 In addition to the changes that are listed for this vulnerability, this update includes defense-in-depth updates to help improve security-related features.\nCustomers should verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded and installed for their Microsoft antimalware products.\nOpen the Windows Security program. For example, type Security in the Search bar, and select the Windows Security program.\nIn the navigation pane, select Virus \u0026amp; threat protection.\nUnder Virus \u0026amp; threat protection updates in the main window, select Check for updates\nSelect Check for updates again.\nIn the navigation pane, select Settings, and then select About.\nExamine the Engine Version number. The update was successfully installed if the Malware Protection Engine version number or the signature package version number matches or exceeds the version number that you are trying to verify as installed.",
          "title": "Microsoft Defender is disabled in my environment, why are vulnerability scanners showing that I am vulnerable to this issue?"
        }
      ],
      "product_status": {
        "fixed": [
          "11902"
        ],
        "known_affected": [
          "1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-24548 Microsoft Defender Denial of Service Vulnerability - HTML",
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548"
        },
        {
          "category": "self",
          "summary": "CVE-2022-24548 Microsoft Defender Denial of Service Vulnerability - CSAF",
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24548"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-12T08:00:00.000Z",
          "details": "1.1.19100.5:Security Update:https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-worldwide",
          "product_ids": [
            "1"
          ],
          "url": "https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-worldwide"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 4.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Denial of Service"
        },
        {
          "category": "exploit_status",
          "details": "Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely"
        }
      ],
      "title": "Microsoft Defender Denial of Service Vulnerability"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2022-24548 (GCVE-0-2022-24548)

Vulnerability from cvelistv5

gsd-2022-24548

Vulnerability from gsd

cnvd-2022-71972

Vulnerability from cnvd

fkie_cve-2022-24548

Vulnerability from fkie_nvd

ghsa-mj28-hjxw-jmfp

Vulnerability from github

CERTFR-2022-AVI-337

Vulnerability from certfr_avis

Solution

msrc_cve-2022-24548

Vulnerability from csaf_microsoft

Tags

Sightings

Nomenclature