Msrc Windows Server Version 20H2 vulnerabilities

CVE-2022-22711 [MEDIUM] Windows BitLocker Information Disclosure Vulnerability Windows BitLocker Information Disclosure Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data. FAQ: What type of information could be disclosed by this vulnerability? The type of

CVE-2022-30214 [MEDIUM] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. As is best practice, regular validation and audits of administrative groups should be conducted. FAQ: According to the CVSS me

CVE-2022-30223 [MEDIUM] Windows Hyper-V Information Disclosure Vulnerability Windows Hyper-V Information Disclosure Vulnerability FAQ: According to the CVSS metric, the Hyper-V attack vector is adjacent (AV:A). What does that mean for this vulnerability? Where the attack vector metric is Adjacent (A), this represents virtual machines connected via a Hyper-V Network Virtualization (HNV) logical network. This configuration forms an isolation boundary where the virtual machines within the virtual

CVE-2022-22028 [MEDIUM] Windows Network File System Information Disclosure Vulnerability Windows Network File System Information Disclosure Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker

CVE-2022-30212 [MEDIUM] Windows Connected Devices Platform Service Information Disclosure Vulnerability Windows Connected Devices Platform Service Information Disclosure Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: What type of information could be disclosed by this vulnerability? The type of information that coul

CVE-2022-22042 [MEDIUM] Windows Hyper-V Information Disclosure Vulnerability Windows Hyper-V Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? An attacker can gain access to uninitialized buffer information. Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;

CVE-2022-30132 [HIGH] Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service: Windows Container Manager Service Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://cata

CVE-2022-30150 [HIGH] Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. FAQ: According to the CVSS metric, privileges required is l

CVE-2022-30131 [HIGH] Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability Windows Container Isolation FS Filter Driver: Windows Container Isolation FS Filter Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation

CVE-2022-30145 [HIGH] Windows Encrypting File System (EFS) Remote Code Execution Vulnerability Windows Encrypting File System (EFS) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. FAQ: According to the CVSS metric, privileges required is low (PR:L). What does

CVE-2022-30165 [HIGH] Windows Kerberos Elevation of Privilege Vulnerability Windows Kerberos Elevation of Privilege Vulnerability FAQ: I am running a supported version of Windows Server. Is my system vulnerable to this issue? Systems configured to activate both of the following features in Windows Server: CredSSP (Credential Security Service Provider) and RCG (Remote Credential Guard) might be vulnerable to this exploit. FAQ: How could an attacker exploit this vulnerability? An authenticated a

CVE-2022-30164 [HIGH] Kerberos AppContainer Security Feature Bypass Vulnerability Kerberos AppContainer Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker could bypass the Kerberos service ticketing feature which performs user access control checks. FAQ: How could an attacker exploit this vulnerability? An low privilege attacker could execute a script within an App Container to request a service

CVE-2022-30139 [HIGH] Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability FAQ: Are there any special conditions necessary for this vulnerability to be exploitable? Yes. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. For more

CVE-2022-30163 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to execute code on the Hyper-V host execution environment. FAQ: According to the CVS

CVE-2022-30154 [MEDIUM] Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability FAQ: I am running a supported version of Windows Server. Is my system vulnerable to this issue? Systems running Windows Server that have the optional component File Server VSS Agent Service installed are vulnerable to this exploit. By default, systems running Windows Server are not vulnerab

CVE-2022-30148 [MEDIUM] Windows Desired State Configuration (DSC) Information Disclosure Vulnerability Windows Desired State Configuration (DSC) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? An attacker that successfully exploited this vulnerability could recover plaintext passwords and usernames from log files created by the affected CLI commands and published by Azure DevOps and/or GitHub Actions. Windows PowerShell: Windows Powe

CVE-2022-30162 [MEDIUM] Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Required:

CVE-2022-26937 [CRITICAL] Windows Network File System Remote Code Execution Vulnerability Windows Network File System Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? This vulnerability could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE). Windows Network File System: Windows Network File System Microsoft: Microsoft Customer Action Requ

CVE-2022-29106 [HIGH] Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of P

CVE-2022-26927 [HIGH] Windows Graphics Component Remote Code Execution Vulnerability Windows Graphics Component Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The resulting Remote Code Execution would be within t