Windows Defender: Improper Authorization in Global Files Search Index
CVE-2024-49071 Published on December 12, 2024
Windows Defender Information Disclosure Vulnerability
Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.
Weakness Type
Improper Authorization of Index Containing Sensitive Information
The product creates a search index of private or sensitive documents, but it does not properly limit index access to actors who are authorized to see the original information. Web sites and other document repositories may apply an indexing routine against a group of private documents to facilitate search. If the index's results are available to parties who do not have access to the documents being indexed, then attackers could obtain portions of the documents by conducting targeted searches and reading the results. The risk is especially dangerous if search results include surrounding text that was not part of the search query. This issue can appear in search engines that are not configured (or implemented) to ignore critical files that should remain hidden; even without permissions to download these files directly, the remote user could read them.
Products Associated with CVE-2024-49071
stack.watch emails you whenever new vulnerabilities are published in Microsoft Windows Defender or Microsoft Defender For Endpoint. Just hit a watch button to start following.
Affected Versions
Microsoft Defender for Endpoint for Windows Version N/A is affected by CVE-2024-49071Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.