CVE-2022-22045Improper Privilege Management in Microsoft Windows 10 Version 1507

CWE-269Improper Privilege Management5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.7%
top 28.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+9 more
Timeline
PublishedJul 12
Latest updateJul 13

Description

Windows.Devices.Picker.dll Elevation of Privilege Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 1.1 | Impact: 6.0

Affected Packages13 packages

CVEListV5microsoft/windows_server_201610.0.14393.010.0.14393.5246
CVEListV5microsoft/windows_server_201910.0.17763.010.0.17763.3165
CVEListV5microsoft/windows_server_202210.0.20348.010.0.20348.825
CVEListV5microsoft/windows_10_version_150710.0.10240.010.0.10240.19360
CVEListV5microsoft/windows_10_version_160710.0.14393.010.0.14393.5246

🔴Vulnerability Details

2
GHSA
GHSA-gq6v-7w53-4742: Windows2022-07-13
CVEList
Windows.Devices.Picker.dll Elevation of Privilege Vulnerability2022-07-12

📋Vendor Advisories

2
Microsoft
Windows.Devices.Picker.dll Elevation of Privilege Vulnerability2022-07-12
VMware
VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)2022-01-04
CVE-2022-22045 — Improper Privilege Management | cvebase