CVE-2022-41044Race Condition in Microsoft Windows 7

CWE-362Race Condition6 documents5 sources
Severity
8.1HIGHNVD
EPSS
1.0%
top 22.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Microsoft Windows 7Microsoft Windows 7 Service Pack 1Microsoft Windows Server 2008 R2 Service Pack 1+2 more
Timeline
PublishedNov 9
Latest updateNov 10

Description

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages5 packages

CVEListV5microsoft/windows_76.1.06.1.7601.26221
CVEListV5microsoft/windows_7_service_pack_16.1.06.1.7601.26221
CVEListV5microsoft/windows_server_2008_service_pack_26.0.6003.06.0.6003.21768
CVEListV5microsoft/windows_server_2008_r2_service_pack_16.1.7601.06.1.7601.26221

🔴Vulnerability Details

2
GHSA
GHSA-6wrg-q4hc-hrw5: Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability2022-11-10
CVEList
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability2022-11-09

📋Vendor Advisories

1
Microsoft
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability2022-11-08

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday for November 2022 — Snort rules and prominent vulnerabilities2022-11-08
Talos
Microsoft Patch Tuesday for November 2022 — Snort rules and prominent vulnerabilities2022-11-08
CVE-2022-41044 — Race Condition in Microsoft Windows 7 | cvebase