CVE-2022-22017

CWE-235 documents5 sources
Severity
8.8HIGH
EPSS
14.6%
top 5.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Remote Desktop Client FOR Windows DesktopMicrosoft Windows 11 Version 21h2Microsoft Windows Server 2022
Timeline
PublishedMay 10
Latest updateMay 11

Description

Remote Desktop Client Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

CVEListV5microsoft/windows_server_202210.0.20348.010.0.20348.707
CVEListV5microsoft/windows_11_version_21h210.0.010.0.22000.675

Patches

Patch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-xwch-gx2x-qj27: Remote Desktop Client Remote Code Execution Vulnerability2022-05-11
CVEList
Remote Desktop Client Remote Code Execution Vulnerability2022-05-10

📋Vendor Advisories

2
Microsoft
Remote Desktop Client Remote Code Execution Vulnerability2022-05-10
CISA
VMware vCenter Server Improper Access Control2022-01-10