CVE-2026-45642
3.9 LOWImproper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to p...
Published: 2026-06-09 · Last updated: 2026-06-09
Severity and scoring
- CVSS
- 3.9 LOW
- Vector
- CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
- CWE
- CWE-20
Description
Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-45329 — ESF-IDF is the Espressif Internet of Things (IOT) Development Framework (7.1 HIGH)
- CVE-2026-45328 — ESF-IDF is the Espressif Internet of Things (IOT) Development Framework (9.3 CRITICAL)
- CVE-2026-41727 — Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them (6.5 MEDIUM)
- CVE-2026-47903 — CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability (6.2 MEDIUM)
- CVE-2026-34712 — CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability (7.5 HIGH)