cbcvebase.
CVE-2022-21971
published 2022-02-09

CVE-2022-21971: Windows Runtime Remote Code Execution Vulnerability

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-09-08
Exploited in the wild
Windows Runtime Remote Code Execution Vulnerability

Affected

28 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10_1809< 10.0.17763.256510.0.17763.2565
microsoftwindows_10_1909< 10.0.18363.209410.0.18363.2094
microsoftwindows_10_20h2< 10.0.19042.152610.0.19042.1526
microsoftwindows_10_21h1< 10.0.19043.152610.0.19043.1526
microsoftwindows_10_21h2< 10.0.19044.152610.0.19044.1526
microsoftwindows_10_version_1809>= 10.0.0 < 10.0.17763.256510.0.17763.2565
microsoftwindows_10_version_1809>= 10.0.17763.0 < 10.0.17763.256510.0.17763.2565
microsoftwindows_10_version_1909>= 10.0.0 < 10.0.18363.209410.0.18363.2094
microsoftwindows_10_version_20h2>= 10.0.0 < 10.0.19042.152610.0.19042.1526
microsoftwindows_10_version_21h1>= 10.0.0 < 10.0.19043.152610.0.19043.1526
microsoftwindows_10_version_21h2>= 10.0.19043.0 < 10.0.19044.152610.0.19044.1526
microsoftwindows_11_21h2< 10.0.22000.49310.0.22000.493
microsoftwindows_11_version_21h2>= 10.0.0 < 10.0.22000.49310.0.22000.493
microsoftwindows_server_2019< 10.0.17763.256510.0.17763.2565
microsoftwindows_server_2019>= 10.0.17763.0 < 10.0.17763.256510.0.17763.2565
microsoftwindows_server_2022< 10.0.20348.52410.0.20348.524
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.52410.0.20348.524
microsoftwindows_server_20h2< 10.0.19042.152610.0.19042.1526
microsoftwindows_server_version_20h2>= 10.0.0 < 10.0.19042.152610.0.19042.1526
msrcwindows_10_version_1809
msrcwindows_10_version_1909
msrcwindows_10_version_20h2
msrcwindows_10_version_21h1
msrcwindows_10_version_21h2
msrcwindows_11_version_21h2

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck7.8HIGH
cisa7.8HIGH