What the vulnerability does
01Description
Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-29054
HIGH
CVE-2024-29054: Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVSS base score
7.2/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
April 9, 2024
CVE published
May 3, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2021-24318 Listeo < 1.6.11 - Multiple Authenticated IDOR Vulnerabilities
CVE-2026-5122 osrg GoBGP BGP OPEN Message bgp.go DecodeFromBytes access control
CVE-2026-44556 Open WebUI: responses passthrough endpoint lacks access control authorization
CVE-2023-32279
CVE-2024-0212 Cloudflare WordPress plugin enables information disclosure of Cloudflare API (for low privileged users)
