cbcvebase.
CVE-2022-37974
published 2022-10-11

CVE-2022-37974: Windows Mixed Reality Developer Tools Information Disclosure Vulnerability

PriorityP341medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
EPSS
36.29%
98.3th percentile
Windows Mixed Reality Developer Tools Information Disclosure Vulnerability

Affected

12 ranges
VendorProductVersion rangeFixed in
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10_version_21h1>= 10.0.0 < 10.0.19043.213010.0.19043.2130
microsoftwindows_10_version_21h2>= 10.0.19043.0 < 10.0.19044.213010.0.19044.2130
microsoftwindows_11
microsoftwindows_11_version_21h2>= 10.0.0 < 10.0.22000.109810.0.22000.1098
microsoftwindows_11_version_22h2>= 10.0.22621.0 < 10.0.22621.67410.0.22621.674
msrcwindows_10_version_21h1_for_x64-based_systems
msrcwindows_10_version_21h2_for_x64-based_systems
msrcwindows_11_version_21h2_for_x64-based_systems
msrcwindows_11_version_22h2_for_x64-based_systems

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
vendor_msrc6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.