Msrc Windows Server 2022 vulnerabilities

CVE-2022-29131 [HIGH] Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? This vulnerability could be exploited over the network by an authenticated attacker through a low complexity attack on a server configured as the domain controller. Windows LDAP - Lightweight Directory Access Protocol: Windows LDAP - Lightweig

CVE-2022-26938 [HIGH] Storage Spaces Direct Elevation of Privilege Vulnerability Storage Spaces Direct Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows Storage Spaces Controller: Windows Storage Spaces Controller Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privi

CVE-2022-26913 [HIGH] Windows Authentication Information Disclosure Vulnerability Windows Authentication Information Disclosure Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack. FAQ: How could an

CVE-2022-26940 [MEDIUM] Remote Desktop Protocol Client Information Disclosure Vulnerability Remote Desktop Protocol Client Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. Remote Desktop Client: Remote Desktop Client Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit Status: Pu

CVE-2022-26933 [MEDIUM] Windows NTFS Information Disclosure Vulnerability Windows NTFS Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain kernel memory content. Windows NTFS: Windows NTFS Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likel

CVE-2022-29140 [MEDIUM] Windows Print Spooler Information Disclosure Vulnerability Windows Print Spooler Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Requir

CVE-2022-29122 [MEDIUM] Windows Clustered Shared Volume Information Disclosure Vulnerability Windows Clustered Shared Volume Information Disclosure Vulnerability FAQ: According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level t

CVE-2022-29114 [MEDIUM] Windows Print Spooler Information Disclosure Vulnerability Windows Print Spooler Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Requir

CVE-2022-29134 [MEDIUM] Windows Clustered Shared Volume Information Disclosure Vulnerability Windows Clustered Shared Volume Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. FAQ: According to the CVSS metric, successful

CVE-2022-24466 [MEDIUM] Windows Hyper-V Security Feature Bypass Vulnerability Windows Hyper-V Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? This Hyper-V vulnerability relates to a Virtual Machine Switch with virtual networking in Hyper-V Network Virtualization (HNV). It might be possible to bypass extended ACLs and other Windows security feature checks. See Create Security Policies with Extended Port Acc

CVE-2022-29120 [MEDIUM] Windows Clustered Shared Volume Information Disclosure Vulnerability Windows Clustered Shared Volume Information Disclosure Vulnerability FAQ: According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level t

CVE-2022-26930 [MEDIUM] Windows Remote Access Connection Manager Information Disclosure Vulnerability Windows Remote Access Connection Manager Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Windows

CVE-2022-29102 [MEDIUM] Windows Failover Cluster Information Disclosure Vulnerability Windows Failover Cluster Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Failover Cluster Automation Server: Windows Failover

CVE-2022-29123 [MEDIUM] Windows Clustered Shared Volume Information Disclosure Vulnerability Windows Clustered Shared Volume Information Disclosure Vulnerability FAQ: According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level t

CVE-2022-24491 [CRITICAL] Windows Network File System Remote Code Execution Vulnerability Windows Network File System Remote Code Execution Vulnerability FAQ: I am running a supported version of Windows Server. Is my system vulnerable to this issue? This vulnerability is only exploitable for systems that have the NFS role enabled. See NFS Overview for more information on this feature. More information on installing or uninstalling Roles or Role Services is available here. FAQ: How could an att

CVE-2022-24497 [CRITICAL] Windows Network File System Remote Code Execution Vulnerability Windows Network File System Remote Code Execution Vulnerability FAQ: I am running a supported version of Windows Server. Is my system vulnerable to this issue? This vulnerability is only exploitable for systems that have the NFS role enabled. See NFS Overview for more information on this feature. More information on installing or uninstalling Roles or Role Services is available here. FAQ: How could an att

CVE-2022-24479 [HIGH] Connected User Experiences and Telemetry Elevation of Privilege Vulnerability Connected User Experiences and Telemetry Elevation of Privilege Vulnerability Windows Feedback Hub: Windows Feedback Hub Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft

CVE-2022-23257 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates tha

CVE-2022-22009 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate th

CVE-2022-24495 [HIGH] Windows Direct Show Remote Code Execution Vulnerability Windows Direct Show Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indic