Findings
Generator
Configuration
Lucidum Reverse
Architecture
Statistics
← All Findings
Vendor:
Microsoft Defender for Endpoint
FIN-252
Weight:
5
4
3
2
1
Confidence:
High
Medium
Low
Edited:
2026-03-06 09:04
Verified
What It Detects
Device has one or more Critical severity CVEs that also have a known public exploit, as identified by Microsoft Defender TVM. This is the highest-risk vulnerability scenario: the vulnerability allows severe impact (remote code execution, full system compromise) AND attackers have ready-made exploit tools. These CVEs are commonly found in CISA's Known Exploited Vulnerabilities (KEV) catalog.
MITRE ATT&CK Techniques
Comma-separated, e.g. T1078, T1190
Checks
read-only
Field
Operator
Value
vulnerabilitySeverityLevel
equals
Critical
publicExploit
equals
True
Remediation
×
×
×
×
×
+ Add item
Why It Matters
×
×
×
+ Add item
Save Changes
Export Lucidum