CVE-2022-35804 — Microsoft Windows 11 Version 21h2 vulnerability

10 documents7 sources

Severity

8.8HIGHNVD

EPSS

13.7%

top 5.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 11 Version 21h2 Msrc Windows 11 Version 21h2 FOR Arm64-based Systems Msrc Windows 11 Version 21h2 FOR X64-based Systems

Timeline

PublishedAug 9

Latest updateAug 10

Description

SMB Client and Server Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5microsoft/windows_11_version_21h210.0.0 — 10.0.22000.856

▶msrcmsrc/windows_11_version_21h2_for_x64-based_systems

▶msrcmsrc/windows_11_version_21h2_for_arm64-based_systems

🔴Vulnerability Details

GHSA

GHSA-hq89-86g9-8p72: SMB Client and Server Remote Code Execution Vulnerability↗2022-08-10

▶

📋Vendor Advisories

Microsoft

SMB Client and Server Remote Code Execution Vulnerability↗2022-08-09

▶

🕵️Threat Intelligence

Tenable

Microsoft’s August 2022 Patch Tuesday Addresses 118 CVEs (CVE-2022-34713)↗2022-08-09

▶

Talos

Microsoft Patch Tuesday for August 2022 — Snort rules and prominent vulnerabilities↗2022-08-09

▶

Qualys

August 2022 Patch Tuesday | Microsoft Releases 121 Vulnerabilities With 17 Critical, Plus 20 Microsoft Edge (Chromium-Based); Adobe Releases 5 Advisories, 25 Vulnerabilities With 15 Critical. | Qualys↗2022-08-09

▶

Talos

Microsoft Patch Tuesday for August 2022 — Snort rules and prominent vulnerabilities↗2022-08-09

▶

Qualys

▶