CVE-2022-24527
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2022-24527 is an elevation of privilege vulnerability affecting Microsoft Endpoint Configuration Manager. Successful exploitation allows attackers to elevate their privileges on affected systems, potentially gaining administrative access. This vulnerability poses a significant risk, particularly in enterprise environments, where Configuration Manager is commonly used for managing and deploying software and configurations. Microsoft has released a patch to address the issue, and it is strongly recommended that organizations apply the update as soon as possible to mitigate the threat. Failure to do so may result in unauthorized access to sensitive data or systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Windows Server 2008
- Microsoft Windows 10
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server 2016
Affected Vendors
- Microsoft