Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-1647
CVE-2021-1647:
Microsoft System Center Endpoint Protection vulnerability analysis and mitigation
Overview
Microsoft Defender experienced a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2021-1647, which was discovered and disclosed in December 2020. The vulnerability affected Microsoft Defender, Microsoft's built-in antimalware solution, and was actively exploited in the wild before patches were released (CISA Alert, CVE MITRE).
Technical details
The vulnerability was classified as a Remote Code Execution (RCE) flaw in Microsoft Defender that could allow attackers to execute arbitrary code on affected systems. The vulnerability was assigned CVE-2021-1647 and was documented in Microsoft's security advisory system (CVE MITRE).
Impact
If successfully exploited, this vulnerability could allow an attacker to take complete control of an affected system, enabling them to execute arbitrary code with elevated privileges (CISA Alert).
Mitigation and workarounds
Microsoft released security updates to address this vulnerability. CISA encouraged users and administrators to review Microsoft's Advisory and apply the necessary updates to mitigate the risk (CISA Alert).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management