• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Sys & Infrast Lifecycle Mngt 1

Information Technology Audit and Cybersecurity, Temple University

Sys & Infrast Lifecycle Mngt 1

MIS 5203.001 ■ Spring 2020 ■ Wade Mackey
  • Home
  • Syllabus
    • Gradebook
  • Announcements
  • Course Work
    • 1 – Intro/SDLC
    • Planning
      • 2 – Prjct Mngmt & Governance
      • 3 – Business Case & Feasibility
    • Analysis
      • 4 – Requirements Determination
      • 5 – Process Modeling
      • 6 – Data Modeling
      • 7 -Test One
    • Design
      • 10 – HCI (UI)
      • 8 – Database
      • 9 – Software
      • 11 – Test Two
    • Implementation
      • 12 – Architecture
      • 13 – Development & Testing
      • 14 – Migration & Deployment
      • Test 3: Implementation
  • Projects
    • Project 1: Business Case Development
    • Project 2: SDLC
    • Project 3: Systems Design
    • Project 4: Process Re-engineering
    • Project 5: Controls

Microsoft Azure Defender: Critical hijacking bugs

April 14, 2022 Leave a Comment

On march 30, 2022, SentineOne  announced their findings about Microsoft Azure Defense for IoT including a detail of a handful of bugs and two critical remote code execution vulnerabilities. Furthermore, they also pointed out that these security flaw would take six months to address and it meant that these ones could have been exploited by an unauthenticated attacker to compromise and would take over critical infrastructure networks. The two of the critical bugs in Defender for IoT are: CVE-2021-42311 and CVE-2021-42313. These bugs are SQL injection vulnerabilities and received 10/10 score in term of severity. Attackers could exploit these bugs without any authentication . Below is the link to get more info about these bugs.

https://www.theregister.com/2022/03/30/sentinelone_microsoft_azure_iot/

 

 

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

RECENT ANNOUNCEMENTS

“School District reports a 334% hike in cybersecurity insurance costs”

A school district in Chicago released details on its cyber-insurance, from … [More...] about “School District reports a 334% hike in cybersecurity insurance costs”

“Security Flaws Seen in China’s Mandatory Olympics App for Athletes”

The article I read this week was from the New York Times, and it describes … [More...] about “Security Flaws Seen in China’s Mandatory Olympics App for Athletes”

“‘Preparation, not panic’: Top US cyber official asks Americans to look out for Russian hacking efforts”

by Sean Lyngaas 3/26/22 To summarize this article, the United States … [More...] about “‘Preparation, not panic’: Top US cyber official asks Americans to look out for Russian hacking efforts”

Cisco Umbrella default SSH key allows theft of admin credentials

Cisco Umbrella default SSH key allows theft of admin credentials … [More...] about Cisco Umbrella default SSH key allows theft of admin credentials

The battle over end-to-end encryption

The BBC article, “The battle over end-to-end encryption, is news to … [More...] about The battle over end-to-end encryption

Hackers Using Device Registration Trick to Attack Enterprise with Lateral Phishing

This article explains the email-based social engineering of criminals to … [More...] about Hackers Using Device Registration Trick to Attack Enterprise with Lateral Phishing

[More Announcements...]

Copyright © 2025 · Department of Management Information Systems · Fox School of Business · Temple University