15.12.2022
Microsoft advises of a vulnerability (CVE-2022-41127) in Dynamics NAV / Dynamics 365 Business Central that allows an attacker to execute malicious code on the host server in the context of the service account that Dynamics has been configured to use. Patches have already been released by Microsoft, the necessary security updates can be found here.
Microsoft currently estimates the exploitability of this vulnerability as less likely - the attacker must be authenticated to exploit the vulnerability.
Do you have questions about the vulnerability? Our experts will be happy to provide you with advice and discuss the necessary steps with you.
TSO-DATA
Jan Grundmann
businesscentral[at]tso[dot]de
+49 (541) 1395-747