June 11, 2023

Researchers at SentinelOne published details on a couple of critical RCE vulnerabilities discovered in Microsoft Defender for IoT, tracked as CVE-2021-42311 and CVE-2021-42313, with CVSS score of 10 related to a SQL injection attack.

Defender for IoT supports various IoT, OT, and ICSq devices, and can be deployed both on-premises and in the cloud.

Advertisements

The vulnerability, identified in the token validation process, CVE-2021-42313 exists because the UUID parameter isn’t sanitized and allowed them to insert, update, and execute SQL special commands. They came up with PoC code that exploits the bug to extract a logged-in user session ID from the database, which leads to complete account takeover.

These vulnerabilities are reported to Microsoft in June 2021 and fixed during December 2021 Patch Tuesday cycle

Tags:

Leave a Reply

You may have missed

VMware Patches Vulnerabilities in Aria

VMware Patches Vulnerabilities in Aria

June 10, 2023
Fractureiser Malware Targets MineCraft

Fractureiser Malware Targets MineCraft

June 10, 2023
MoveIt New SQL Vulnerability ! Patch It

MoveIt New SQL Vulnerability ! Patch It

June 10, 2023
Japanese Pharma Eisai Victim of Ransomware Attack

Japanese Pharma Eisai Victim of Ransomware Attack

June 9, 2023
ACT Government Victim of Barracuda ESG Vulnerability

ACT Government Victim of Barracuda ESG Vulnerability

June 9, 2023
Anonymous Sudan Claims Responsible for Outlook Outages

Anonymous Sudan Claims Responsible for Outlook Outages

June 9, 2023
%d bloggers like this: