CVE-2024-49071

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 12, 2024
CWE ID 612

Summary

CVE-2024-49071 is a vulnerability affecting Windows Defender. It permits an attacker, who has already gained authorized access, to disclose sensitive information through an improperly managed index in Global Files search. This issue can lead to potential data leaks over a network connection. Windows Defender's failure to restrict access to the sensitive index exposes the system to potential risks. Attackers can exploit this vulnerability to gain unauthorized access to sensitive information, posing a significant threat to data security.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share