First published: Tue Dec 14 2021(Updated: )
Microsoft Defender for IoT Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Defender for IoT | <10.5.2 | |
Microsoft Defender for IoT | ||
Microsoft Azure Defender for IoT | ||
<10.5.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-42313 is a vulnerability in Microsoft Azure Defender for IoT that allows remote attackers to bypass authentication.
CVE-2021-42313 has a severity rating of 10, which is considered critical.
CVE-2021-42313 exploits a lack of proper validation in the sync endpoint of Microsoft Azure Defender for IoT, allowing remote attackers to bypass authentication.
Microsoft Azure Defender for IoT versions up to 10.5.2 are affected by CVE-2021-42313.
To fix CVE-2021-42313, update your Microsoft Azure Defender for IoT installation to the latest version. Refer to the provided documentation and patch instructions for more details.