Msrc Windows Server 2012 vulnerabilities

CVE-2022-24498 [MEDIUM] Windows iSCSI Target Service Information Disclosure Vulnerability Windows iSCSI Target Service Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. Windows iSCSI Target Service: Windows iSCSI Target Service Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit

CVE-2022-26820 [MEDIUM] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. As is best practice, regular validation and audits of administrative groups should be conducted. FAQ: According to the CVSS me

CVE-2022-24484 [MEDIUM] Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability Windows Cluster Shared Volume (CSV): Windows Cluster Shared Volume (CSV) Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.mi

CVE-2022-26822 [MEDIUM] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerab

CVE-2022-26784 [MEDIUM] Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability Windows Cluster Shared Volume (CSV): Windows Cluster Shared Volume (CSV) Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.mi

CVE-2022-26821 [MEDIUM] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. As is best practice, regular validation and audits of administrative groups should be conducted. FAQ: According to the CVSS me

CVE-2022-24538 [MEDIUM] Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability Windows Cluster Shared Volume (CSV): Windows Cluster Shared Volume (CSV) Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.mi

CVE-2022-26829 [MEDIUM] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. As is best practice, regular validation and audits of administrative groups should be conducted. FAQ: According to the CVSS me

CVE-2022-24459 [HIGH] Windows Fax and Scan Service Elevation of Privilege Vulnerability Windows Fax and Scan Service Elevation of Privilege Vulnerability Windows Fax and Scan Service: Windows Fax and Scan Service Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsof

CVE-2022-23298 [HIGH] Windows NT OS Kernel Elevation of Privilege Vulnerability Windows NT OS Kernel Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed

CVE-2022-24455 [HIGH] Windows CD-ROM Driver Elevation of Privilege Vulnerability Windows CD-ROM Driver Elevation of Privilege Vulnerability Windows CD-ROM Driver: Windows CD-ROM Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=K

CVE-2022-23285 [HIGH] Remote Desktop Client Remote Code Execution Vulnerability Remote Desktop Client Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client. Windows Remote Desktop: Windows Remote Desktop M

CVE-2022-23294 [HIGH] Windows Event Tracing Remote Code Execution Vulnerability Windows Event Tracing Remote Code Execution Vulnerability FAQ: How can an attacker exploit this vulnerability? An authenticated attacker could potentially take advantage of this vulnerability to execute malicious code through the Event Log's Remote Procedure Call (RPC) endpoint on the server-side. FAQ: According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any a

CVE-2022-23283 [HIGH] Windows ALPC Elevation of Privilege Vulnerability Windows ALPC Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows ALPC: Windows ALPC Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Lat

CVE-2022-21990 [HIGH] Remote Desktop Client Remote Code Execution Vulnerability Remote Desktop Client Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client. Windows Remote Desktop: Windows Remote Desktop M

CVE-2022-23296 [HIGH] Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability Windows Installer: Windows Installer Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011503 Refere

CVE-2022-23284 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v

CVE-2022-23290 [HIGH] Windows Inking COM Elevation of Privilege Vulnerability Windows Inking COM Elevation of Privilege Vulnerability Windows COM: Windows COM Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011503 Reference: https

CVE-2022-23299 [HIGH] Windows PDEV Elevation of Privilege Vulnerability Windows PDEV Elevation of Privilege Vulnerability FAQ: What is a Windows PDEV? A Windows PDEV is a logical representation of the physical device. It is characterized by the type of hardware, logical address, and surfaces that can be supported. As an example of a driver supporting a PDEV characterized by the type of hardware, one driver could support the LaserWhiz, LaserWhiz II, and LaserWhiz Super printers. For more informa

CVE-2022-24454 [HIGH] Windows Security Support Provider Interface Elevation of Privilege Vulnerability Windows Security Support Provider Interface Elevation of Privilege Vulnerability Windows Security Support Provider Interface: Windows Security Support Provider Interface Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less