First published: Tue Dec 14 2021(Updated: )
Microsoft Defender for IoT Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Defender for IoT | <10.5.3 | |
Microsoft Azure Defender for IoT | ||
Microsoft Defender for IoT | ||
<10.5.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-43882 is an authentication bypass vulnerability in Microsoft Azure Defender for IoT that allows remote attackers to bypass authentication.
CVE-2021-43882 has a severity rating of 9.8, which is considered critical.
CVE-2021-43882 allows remote attackers to bypass authentication on affected installations of Microsoft Azure Defender for IoT console and sensor appliances.
The affected software by CVE-2021-43882 includes Microsoft Azure Defender for IoT, Microsoft Defender for IoT, and Microsoft Defender for IoT console and sensor appliances.
To fix CVE-2021-43882, update to version 10.5.3 or later of Microsoft Defender for IoT or follow the instructions provided by Microsoft to update the software version of Microsoft Azure Defender for IoT console and sensor appliances.