Security Vulnerabilities - CVEs Published In January 2021
Azure Active Directory Pod Identity Spoofing Vulnerability
CVSS Score
5.5
EPSS Score
0.005
Published
2021-01-12
Windows Print Spooler Spoofing Vulnerability
CVSS Score
8.8
EPSS Score
0.536
Published
2021-01-12
Windows CryptoAPI Denial of Service Vulnerability
CVSS Score
6.5
EPSS Score
0.041
Published
2021-01-12
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-01-12
Windows WalletService Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.002
Published
2021-01-12
Windows Kernel Elevation of Privilege Vulnerability
CVSS Score
7.0
EPSS Score
0.002
Published
2021-01-12
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key
CVSS Score
5.0
EPSS Score
0.032
Published
2021-01-12
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key
CVSS Score
5.0
EPSS Score
0.032
Published
2021-01-12
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
CVSS Score
7.3
EPSS Score
0.007
Published
2021-01-12
Windows WalletService Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-01-12