Tenable

SEPTEMBER 12, 2023

Successful exploitation of these vulnerabilities requires an attacker to authenticate with LAN-access and have valid credentials for an Exchange user. An authenticated attacker could exploit these vulnerabilities to gain SYSTEM privileges. Each of these vulnerabilities were given CVSSv3 scores of 8.0

LAN 120

LAN Windows 3D Azure 120

Altexsoft

MAY 20, 2020

Microsoft Azure IoT. IoT Core is the heart of AWS IoT suite, which manages device authentication, connection and communication with AWS services and each other. Due to authentication and encryption provided at all points of connection, IoT Core and devices never exchange unverified data. Top five solutions for building IoT.

IoT 141

IoT Azure AWS Transportation 141

Tenable

FEBRUARY 14, 2023

CVE-2023-21529, CVE-2023-21706 and CVE-2023-21707 share similarities with CVE-2022-41082, an authenticated RCE publicly disclosed in September 2022 that was a part of the ProxyNotShell attack chain , a variant of the ProxyShell attack chain discovered in August 2021. However, exploitation for this flaw does require authentication.

Windows 100

Windows Azure Authentication Policies 100

Ivanti

NOVEMBER 9, 2021

The updates include the normal lineup of Windows OS, Office, Azure, and some dev tools like Visual Studio. The vulnerability is rated as Important by Microsoft likely because the attacker must be authenticated to be able to exploit the vulnerability. The exploit does not require authentication but does require user interaction.

3D 84

3D Malware Windows Authentication 84

Tenable

NOVEMBER 9, 2021

This month’s update includes patches for: 3D Viewer. Azure RTOS. Azure Sphere. To exploit this vulnerability, an attacker would need to be authenticated to a vulnerable Exchange Server. CVE-2021-43208 and CVE-2021-43209 | 3D Viewer Remote Code Execution Vulnerability. Microsoft Dynamics. Microsoft Exchange Server.

3D 102

3D Windows Software Review Azure 102

Tenable

JUNE 13, 2023

A remote, unauthenticated attacker can exploit the vulnerability by sending a spoofed JWT authentication token to a vulnerable server giving them the privileges of an authenticated user on the target. We did not include these advisories in our overall Patch Tuesday counts. and rated critical. respectively.

Windows 98

Windows Authentication Operating System 3D 98

Tenable

MARCH 8, 2022

Azure Site Recovery. An authenticated user can exploit this vulnerability to execute arbitrary code on an affected server. While an attacker must be authenticated to exploit this vulnerability, Microsoft strongly recommends patching or applying the suggested workarounds as soon as possible. Microsoft Defender for Endpoint.

Windows 100

Windows Authentication SMB .Net 100