Report Name: Microsoft Patch Tuesday, July 2022
Generated: 2022-07-20 02:58:55

Vulristics Vulnerability Scores
Basic Vulnerability Scores
Products

Product NamePrevalenceUCHMLComment
AMD Processor0.92Processor
Active Directory0.91Active Directory is a directory service developed by Microsoft for Windows domain networks
Remote Procedure Call Runtime0.91Remote Procedure Call Runtime
Windows DNS Server0.91Windows component
Windows Kernel0.91Windows Kernel
BitLocker0.81A full volume encryption feature included with Microsoft Windows versions starting with Windows Vista
Microsoft Edge0.81131Web browser
Performance Counters for Windows0.81Windows component
Windows Advanced Local Procedure Call0.83Windows component
Windows BitLocker0.81Windows component
Windows Boot Manager0.81Windows component
Windows CSRSS0.812Windows component
Windows Common Log File System Driver0.81Windows component
Windows Connected Devices Platform Service0.81Windows component
Windows Credential Guard Domain-joined Public Key0.81Windows component
Windows Fast FAT File System Driver0.81Windows component
Windows Fax Service0.821Windows component
Windows GDI0.81Windows component
Windows Graphics Component0.82Windows component
Windows Group Policy0.81Windows component
Windows IIS Server0.81Windows component
Windows Internet Information Services Cachuri Module0.81Windows component
Windows Layer 2 Tunneling Protocol (L2TP)0.81Windows component
Windows Media Player Network Sharing Service0.81Windows component
Windows Network File System0.821Windows component
Windows Portable Device Enumerator Service0.81Windows component
Windows Print Spooler0.813Windows component
Windows Security Account Manager (SAM)0.81Windows component
Windows Server Service0.81Windows component
Windows Shell0.81Windows component
Windows.Devices.Picker.dll0.81Windows component
Curl0.71Curl is a command-line tool for transferring data specified with URL syntax
Microsoft Office0.61Microsoft Office
Skype for Business0.61Skype for Business
Windows Hyper-V0.62Hardware virtualization component of the client editions of Windows NT
Azure Site Recovery0.5131Azure Site Recovery
Azure Storage Library0.51Azure Storage Library
Internet Information Services Dynamic Compression Module0.51Internet Information Services Dynamic Compression Module
Microsoft Defender for Endpoint0.51Microsoft Defender for Endpoint
Xbox Live Save Service0.51Xbox Live Save Service


Vulnerability Types

Vulnerability TypeCriticalityUCHMLComment
Remote Code Execution1.0111Remote Code Execution
Security Feature Bypass0.935Security Feature Bypass
Denial of Service0.721Denial of Service
Memory Corruption0.618Memory Corruption
Elevation of Privilege0.51253Elevation of Privilege
Information Disclosure0.48Information Disclosure
Tampering0.32Tampering
Unknown Vulnerability Type01Unknown Vulnerability Type


Vulnerabilities

Urgent (0)

Critical (1)

1. Elevation of Privilege - Windows CSRSS (CVE-2022-22047) - Critical [604]

Description: Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049.

Component | Value | Weight | Comment
Exploited in the Wild | 1.0 | 18 | Exploitation in the wild is mentioned on AttackerKB, Microsoft websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

qualys: Microsoft Patch Tuesday Summary Microsoft has fixed 84 vulnerabilities (aka flaws) in the July 2022 update, including four (4) vulnerabilities classified as Critical as they allow Remote Code Execution (RCE). This month’s Patch Tuesday cumulative Windows update includes the fix for one (1) actively exploited zero-day vulnerability (CVE-2022-22047). Earlier this month, July 6, 2022, Microsoft also released two (2) Microsoft Edge (Chromium-Based) security updates as well. Microsoft has fixed several flaws in its software, including Denial of Service (DoS), Elevation of Privilege, Information Disclosure, Microsoft Edge (Chromium-based), Remote Code Execution (RCE), Security Feature Bypass, and Tampering. Many of the vulnerabilities patched this month relate to remote code execution, but there are no reports of active exploitation (in the wild) except for CVE-2022-22047, a Windows CSRSS Elevation of Privilege Vulnerability.

qualys: CVE-2022-22047 | Windows CSRSS Elevation of Privilege Vulnerability This vulnerability has a CVSSv3.1 score of 7.8/10. Elevation of Privilege – Important – An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. (Article 5015874) Exploitability Assessment: Exploitation Detected

tenable: CVE-2022-22047 is an EoP vulnerability in the Windows Client Server Run-Time Subsystem. It received a CVSSv3 score of 7.8 and is rated as Important. Microsoft says this vulnerability has been exploited in the wild, though no further details have been shared at the time of publication. However, this type of vulnerability is likely to have been used as part of post-compromise activity, once an attacker has gained access to their targeted system and run a specially crafted application.

rapid7: One 0-day vulnerability has been patched: CVE-2022-22047 affects all currently supported versions of Microsoft’s pervasive operating system. This is an elevation-of-privilege vulnerability in the Windows Client Server Runtime Subsystem (CSRSS), a critical service that is often impersonated by malware. An attacker with an already-existing foothold can exploit this vulnerability to gain SYSTEM-level privileges. Two similar vulnerabilities in CSRSS (CVE-2022-22049 and CVE-2022-22026) were also fixed, likely as a result of Microsoft’s investigation into the in-the-wild exploitation of CVE-2022-22047.

zdi: CVE-2022-22047 – Windows CSRSS Elevation of Privilege. This bug is listed as being under active attack, but there’s no information from Microsoft on where the vulnerability is being exploited or how widely it is being exploited. The vulnerability allows an attacker to execute code as SYSTEM, provided they can execute other code on the target. Bugs of this type are typically paired with a code execution bug, usually a specially crafted Office or Adobe document, to take over a system. These attacks often rely on macros, which is why so many were disheartened to hear Microsoft’s delay in blocking all Office macros by default.

High (19)

2. Remote Code Execution - Remote Procedure Call Runtime (CVE-2022-22038) - High [572]

Description: Remote Procedure Call Runtime Remote Code Execution Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.9 | 14 | Remote Procedure Call Runtime
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data

qualys: CVE-2022-22038 | Remote Procedure Call Runtime Remote Code Execution Vulnerability This vulnerability has a CVSSv3.1 score of 8.1/10. Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data. Exploitability Assessment: Exploitation Less Likely

tenable: CVE-2022-22038 is an RCE vulnerability in the Remote Procedure Call Runtime impacting all supported versions of Windows. The vulnerability received a CVSSv3 score of 8.1 and, while no privileges are required, the CVSS score indicates the attack complexity is high. Microsoft further supports this with a note in the advisory stating that additional actions by an attacker are required in order to prepare a target for successful exploitation. This is one of four vulnerabilities credited to Yuki Chen of Cyber KunLun in this month’s release.

rapid7: Four critical remote code execution (RCE) vulnerabilities were fixed today. CVE-2022-22029 and CVE-2022-22039 affect network file system (NFS) servers, and CVE-2022-22038 affects the remote procedure call (RPC) runtime. Although all three of these will be relatively tricky for attackers to exploit due to the amount of sustained data that needs to be transmitted, administrators should patch sooner rather than later. CVE-2022-30221 supposedly affects the Windows Graphics Component, though Microsoft’s FAQ indicates that exploitation requires users to access a malicious RDP server.

zdi: CVE-2022-22038 - Remote Procedure Call Runtime Remote Code Execution Vulnerability. This bug could allow a remote, unauthenticated attacker to exploit code on an affected system. While not specified in the bulletin, the presumption is that the code execution would occur at elevated privileges. Combine these attributes and you end up with a potentially wormable bug. Microsoft states the attack complexity is high since an attacker would need to make “repeated exploitation attempts” to take advantage of this bug, but again, unless you are actively blocking RPC activity, you may not see these attempts. If the exploit complexity were low, which some would argue since the attempts could likely be scripted, the CVSS would be 9.8. Test and deploy this one quickly.

3. Memory Corruption - Microsoft Edge (CVE-2022-2294) - High [516]

Description: Chromium: CVE-2022-2294 Heap buffer overflow in WebRTC. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 1.0 | 18 | Exploitation in the wild is mentioned on AttackerKB website
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2294 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

qualys: Microsoft Last But Not Least Earlier in July, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities CVE-2022-2294 and CVE-2022-2295. The vulnerability assigned to each of these CVEs is in the Chromium Open Source Software (OSS) which is consumed by Microsoft Edge. It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

zdi: Please note that Google is aware that an exploit for one of the Chromium bugs (CVE-2022-2294) exists in the wild. If you’re using Microsoft Edge (Chromium-based), make sure it gets updated as soon as possible.

4. Remote Code Execution - Azure Site Recovery (CVE-2022-33676) - High [483]

Description: Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33678.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data

5. Remote Code Execution - Windows Graphics Component (CVE-2022-30221) - High [475]

Description: Windows Graphics Component Remote Code Execution Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data

qualys: CVE-2022-30221 | Windows Graphics Component Remote Code Execution Vulnerability This vulnerability has a CVSSv3.1 score of 8.8/10. An attacker would have to convince a targeted user to connect to a malicious RDP server. Upon connecting, the malicious server could execute code on the victim’s system in the context of the targeted user. Windows 7 Service Pack 1 or Windows Server 2008 R2 Service Pack 1 are only affected by this vulnerability if either RDP 8.0 or RDP 8.1 is installed. If you do not have either of these versions of RDP installed on Windows 7 SP1 or Windows Server 2008 R2 SP1, then you are not affected by this vulnerability. Exploitability Assessment: Exploitation Less Likely

rapid7: Four critical remote code execution (RCE) vulnerabilities were fixed today. CVE-2022-22029 and CVE-2022-22039 affect network file system (NFS) servers, and CVE-2022-22038 affects the remote procedure call (RPC) runtime. Although all three of these will be relatively tricky for attackers to exploit due to the amount of sustained data that needs to be transmitted, administrators should patch sooner rather than later. CVE-2022-30221 supposedly affects the Windows Graphics Component, though Microsoft’s FAQ indicates that exploitation requires users to access a malicious RDP server.

6. Remote Code Execution - Windows DNS Server (CVE-2022-30214) - High [467]

Description: Windows DNS Server Remote Code Execution Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.9 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data

7. Remote Code Execution - Windows Fax Service (CVE-2022-22024) - High [462]

Description: Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

8. Remote Code Execution - Windows Fax Service (CVE-2022-22027) - High [462]

Description: Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

9. Remote Code Execution - Windows Layer 2 Tunneling Protocol (L2TP) (CVE-2022-30211) - High [462]

Description: Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data

10. Remote Code Execution - Windows Network File System (CVE-2022-22029) - High [462]

Description: Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22039.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data

qualys: CVE-2022-22029 | Windows Network File System Remote Code Execution Vulnerability This vulnerability has a CVSSv3.1 score of 8.1/10. This vulnerability could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE). Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data. Exploitability Assessment: Exploitation Less Likely

tenable: CVE-2022-22028 is an information disclosure vulnerability, while CVE-2022-22029 and CVE-2022-22039 are RCE vulnerabilities in the Windows Network File System (NFS). All three flaws were assigned an “Exploitation Less Likely” because these flaws have high attack complexity. In the case of CVE-2022-22029, an attacker would need to “invest time in repeated exploitation attempts” by “sending constant or intermittent data.” Both CVE-2022-22028 and CVE-2022-22039 require an attacker to “win a race condition” in order to exploit these vulnerabilities.

rapid7: Four critical remote code execution (RCE) vulnerabilities were fixed today. CVE-2022-22029 and CVE-2022-22039 affect network file system (NFS) servers, and CVE-2022-22038 affects the remote procedure call (RPC) runtime. Although all three of these will be relatively tricky for attackers to exploit due to the amount of sustained data that needs to be transmitted, administrators should patch sooner rather than later. CVE-2022-30221 supposedly affects the Windows Graphics Component, though Microsoft’s FAQ indicates that exploitation requires users to access a malicious RDP server.

zdi: CVE-2022-22029 – Windows Network File System Remote Code Execution Vulnerability. This is the third month in a row with a Critical-rated NFS bug, and while this one has a lower CVSS than the previous ones, it could still allow a remote, unauthenticated attacker to execute their code on an affected system with no user interaction. Microsoft notes multiple exploit attempts may be required to do this, but unless you are specifically auditing for this, you may not notice. If you’re running NFS, make sure you don’t ignore this patch.

11. Remote Code Execution - Windows Network File System (CVE-2022-22039) - High [462]

Description: Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22029.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data

qualys: CVE-2022-22039 | Windows Network File System Remote Code Execution Vulnerability This vulnerability has a CVSSv3.1 score of 7.5/10. Successful exploitation of this vulnerability requires an attacker to win a race condition. This vulnerability could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE). Exploitability Assessment: Exploitation Less Likely

tenable: CVE-2022-22028 is an information disclosure vulnerability, while CVE-2022-22029 and CVE-2022-22039 are RCE vulnerabilities in the Windows Network File System (NFS). All three flaws were assigned an “Exploitation Less Likely” because these flaws have high attack complexity. In the case of CVE-2022-22029, an attacker would need to “invest time in repeated exploitation attempts” by “sending constant or intermittent data.” Both CVE-2022-22028 and CVE-2022-22039 require an attacker to “win a race condition” in order to exploit these vulnerabilities.

rapid7: Four critical remote code execution (RCE) vulnerabilities were fixed today. CVE-2022-22029 and CVE-2022-22039 affect network file system (NFS) servers, and CVE-2022-22038 affects the remote procedure call (RPC) runtime. Although all three of these will be relatively tricky for attackers to exploit due to the amount of sustained data that needs to be transmitted, administrators should patch sooner rather than later. CVE-2022-30221 supposedly affects the Windows Graphics Component, though Microsoft’s FAQ indicates that exploitation requires users to access a malicious RDP server.

12. Remote Code Execution - Windows Shell (CVE-2022-30222) - High [462]

Description: Windows Shell Remote Code Execution Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.4. Based on Microsoft data

13. Elevation of Privilege - Windows Graphics Component (CVE-2022-22034) - High [452]

Description: Windows Graphics Component Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

14. Elevation of Privilege - Windows Print Spooler (CVE-2022-22041) - High [439]

Description: Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-30206, CVE-2022-30226.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.8. Based on Microsoft data

tenable: CVE-2022-22022, CVE-2022-22041, CVE-2022-30206 and CVE-2022-30226 are all EoP vulnerabilities in Windows Print Spooler components. After the deluge of vulnerability disclosures kicked off by PrintNightmare in August 2021, June 2022 was the first month in which Microsoft did not release any patches for Print Spooler. On balance, Microsoft has patched four high severity vulnerabilities in the service, all of which were rated “Exploitation Less Likely” based on Microsoft’s Exploitability Index. Three of the vulnerabilities were credited to researchers who disclosed Print Spooler flaws during the PrintNightmare saga last year. Xuefeng Li and Zhiniang Peng with Sangfor were the ones to kick it all off in late June 2021.

tenable: While the four vulnerabilities received somewhat similar CVSSv3 scores (listed in the table below), they grant attackers different levels of privilege escalation if exploited. CVE-2022-22022 and CVE-2022-30226 only allow an attacker to delete targeted files on a system while CVE-2022-22041 and CVE-2022-30206 could grant an attacker SYSTEM privileges.

15. Security Feature Bypass - Windows Boot Manager (CVE-2022-30203) - High [428]

Description: Windows Boot Manager Security Feature Bypass Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.4. Based on Microsoft data

16. Security Feature Bypass - Windows Portable Device Enumerator Service (CVE-2022-22023) - High [428]

Description: Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data

17. Denial of Service - Internet Information Services Dynamic Compression Module (CVE-2022-22040) - High [422]

Description: Internet Information Services Dynamic Compression Module Denial of Service Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.7 | 15 | Denial of Service
Vulnerable Product is Common | 0.5 | 14 | Internet Information Services Dynamic Compression Module
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.3. Based on Microsoft data

18. Security Feature Bypass - BitLocker (CVE-2022-22048) - High [414]

Description: BitLocker Security Feature Bypass Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass
Vulnerable Product is Common | 0.8 | 14 | A full volume encryption feature included with Microsoft Windows versions starting with Windows Vista
CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.1. Based on Microsoft data

19. Remote Code Execution - Skype for Business (CVE-2022-33633) - High [410]

Description: Skype for Business and Lync Remote Code Execution Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.6 | 14 | Skype for Business
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data

20. Denial of Service - Windows Internet Information Services Cachuri Module (CVE-2022-22025) - High [401]

Description: Windows Internet Information Services Cachuri Module Denial of Service Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.7 | 15 | Denial of Service
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data

Medium (78)

21. Elevation of Privilege - Azure Site Recovery (CVE-2022-33674) - Medium [395]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.3. Based on Microsoft data

22. Elevation of Privilege - Azure Site Recovery (CVE-2022-33675) - Medium [395]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

tenable: CVE-2022-33675 is an EoP vulnerability in Azure Site Recovery, a suite of tools aimed at providing disaster recovery services. The vulnerability was discovered and reported to Microsoft by Tenable researcher Jimi Sebree. It exists due to a directory permission error which can allow an attacker to use DLL hijacking to elevate their privileges to SYSTEM. You can read more about the discovery of the vulnerability on the Tenable Techblog and view our public advisory here.

23. Remote Code Execution - Azure Site Recovery (CVE-2022-33678) - Medium [391]

Description: Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33676.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data

24. Denial of Service - Windows Security Account Manager (SAM) (CVE-2022-30208) - Medium [387]

Description: Windows Security Account Manager (SAM) Denial of Service Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.7 | 15 | Denial of Service
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

25. Elevation of Privilege - Azure Site Recovery (CVE-2022-30181) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

26. Elevation of Privilege - Azure Site Recovery (CVE-2022-33641) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

27. Elevation of Privilege - Azure Site Recovery (CVE-2022-33643) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

28. Elevation of Privilege - Azure Site Recovery (CVE-2022-33655) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

29. Elevation of Privilege - Azure Site Recovery (CVE-2022-33656) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

30. Elevation of Privilege - Azure Site Recovery (CVE-2022-33657) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

31. Elevation of Privilege - Azure Site Recovery (CVE-2022-33661) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

32. Elevation of Privilege - Azure Site Recovery (CVE-2022-33662) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

33. Elevation of Privilege - Azure Site Recovery (CVE-2022-33663) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

34. Elevation of Privilege - Azure Site Recovery (CVE-2022-33665) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

35. Elevation of Privilege - Azure Site Recovery (CVE-2022-33666) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

36. Elevation of Privilege - Azure Site Recovery (CVE-2022-33667) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

37. Elevation of Privilege - Azure Site Recovery (CVE-2022-33672) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

38. Elevation of Privilege - Azure Site Recovery (CVE-2022-33673) - Medium [382]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

39. Elevation of Privilege - Active Directory (CVE-2022-30215) - Medium [379]

Description: Active Directory Federation Services Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.9 | 14 | Active Directory is a directory service developed by Microsoft for Windows domain networks
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data

40. Elevation of Privilege - Windows CSRSS (CVE-2022-22026) - Medium [374]

Description: Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data

rapid7: One 0-day vulnerability has been patched: CVE-2022-22047 affects all currently supported versions of Microsoft’s pervasive operating system. This is an elevation-of-privilege vulnerability in the Windows Client Server Runtime Subsystem (CSRSS), a critical service that is often impersonated by malware. An attacker with an already-existing foothold can exploit this vulnerability to gain SYSTEM-level privileges. Two similar vulnerabilities in CSRSS (CVE-2022-22049 and CVE-2022-22026) were also fixed, likely as a result of Microsoft’s investigation into the in-the-wild exploitation of CVE-2022-22047.

41. Security Feature Bypass - Curl (CVE-2022-27776) - Medium [368]

Description: HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data. Vulners: An insufficiently protected credentials vulnerability, fixed in curl 7.83.0, might leak authentication or cookie header data on HTTP redirects to the same host but another port number.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass
Vulnerable Product is Common | 0.7 | 14 | Curl is a command-line tool for transferring data specified with URL syntax
CVSS Base Score | 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.3. Based on Vulners data

42. Security Feature Bypass - Microsoft Office (CVE-2022-33632) - Medium [363]

Description: Microsoft Office Security Feature Bypass Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass
Vulnerable Product is Common | 0.6 | 14 | Microsoft Office
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.7. Based on Microsoft data

43. Elevation of Privilege - Microsoft Edge (CVE-2022-30192) - Medium [360]

Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33638, CVE-2022-33639.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.3. Based on Microsoft data

MS PT Extended: CVE-2022-30192 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

44. Elevation of Privilege - Microsoft Edge (CVE-2022-33638) - Medium [360]

Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30192, CVE-2022-33639.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.3. Based on Microsoft data

MS PT Extended: CVE-2022-33638 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

45. Elevation of Privilege - Microsoft Edge (CVE-2022-33639) - Medium [360]

Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30192, CVE-2022-33638.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.7. Based on Microsoft data

MS PT Extended: CVE-2022-33639 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

46. Elevation of Privilege - Microsoft Edge (CVE-2022-33680) - Medium [360]

Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30192, CVE-2022-33638, CVE-2022-33639.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.3. Based on Microsoft data

MS PT Extended: CVE-2022-33680 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

47. Elevation of Privilege - Windows Advanced Local Procedure Call (CVE-2022-22037) - Medium [360]

Description: Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30202, CVE-2022-30224.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data

48. Elevation of Privilege - Windows CSRSS (CVE-2022-22049) - Medium [360]

Description: Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22047.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

rapid7: One 0-day vulnerability has been patched: CVE-2022-22047 affects all currently supported versions of Microsoft’s pervasive operating system. This is an elevation-of-privilege vulnerability in the Windows Client Server Runtime Subsystem (CSRSS), a critical service that is often impersonated by malware. An attacker with an already-existing foothold can exploit this vulnerability to gain SYSTEM-level privileges. Two similar vulnerabilities in CSRSS (CVE-2022-22049 and CVE-2022-22026) were also fixed, likely as a result of Microsoft’s investigation into the in-the-wild exploitation of CVE-2022-22047.

49. Elevation of Privilege - Windows Common Log File System Driver (CVE-2022-30220) - Medium [360]

Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

50. Elevation of Privilege - Windows Credential Guard Domain-joined Public Key (CVE-2022-22031) - Medium [360]

Description: Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

51. Elevation of Privilege - Windows Fast FAT File System Driver (CVE-2022-22043) - Medium [360]

Description: Windows Fast FAT File System Driver Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

tenable: During most Patch Tuesday releases, Microsoft assigns a single impact for each CVE listed. However, in this month’s Patch Tuesday release, Microsoft assigned an additional impact for two CVEs, CVE-2022-22043 and CVE-2022-30225. As a result, we’ve counted these CVEs twice in the Count by Impact chart.

52. Elevation of Privilege - Windows Fax Service (CVE-2022-22050) - Medium [360]

Description: Windows Fax Service Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

53. Elevation of Privilege - Windows Print Spooler (CVE-2022-30206) - Medium [360]

Description: Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30226.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

tenable: CVE-2022-22022, CVE-2022-22041, CVE-2022-30206 and CVE-2022-30226 are all EoP vulnerabilities in Windows Print Spooler components. After the deluge of vulnerability disclosures kicked off by PrintNightmare in August 2021, June 2022 was the first month in which Microsoft did not release any patches for Print Spooler. On balance, Microsoft has patched four high severity vulnerabilities in the service, all of which were rated “Exploitation Less Likely” based on Microsoft’s Exploitability Index. Three of the vulnerabilities were credited to researchers who disclosed Print Spooler flaws during the PrintNightmare saga last year. Xuefeng Li and Zhiniang Peng with Sangfor were the ones to kick it all off in late June 2021.

54. Elevation of Privilege - Windows.Devices.Picker.dll (CVE-2022-22045) - Medium [360]

Description: Windows.Devices.Picker.dll Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

55. Elevation of Privilege - Azure Site Recovery (CVE-2022-33642) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

56. Elevation of Privilege - Azure Site Recovery (CVE-2022-33650) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

57. Elevation of Privilege - Azure Site Recovery (CVE-2022-33651) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

58. Elevation of Privilege - Azure Site Recovery (CVE-2022-33653) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

59. Elevation of Privilege - Azure Site Recovery (CVE-2022-33654) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

60. Elevation of Privilege - Azure Site Recovery (CVE-2022-33659) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

61. Elevation of Privilege - Azure Site Recovery (CVE-2022-33660) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

62. Elevation of Privilege - Azure Site Recovery (CVE-2022-33664) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

63. Elevation of Privilege - Azure Site Recovery (CVE-2022-33668) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

64. Elevation of Privilege - Azure Site Recovery (CVE-2022-33669) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

65. Elevation of Privilege - Azure Site Recovery (CVE-2022-33671) - Medium [355]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data

66. Elevation of Privilege - Performance Counters for Windows (CVE-2022-22036) - Medium [347]

Description: Performance Counters for Windows Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data

67. Elevation of Privilege - Windows Advanced Local Procedure Call (CVE-2022-30202) - Medium [347]

Description: Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30224.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data

68. Elevation of Privilege - Windows Advanced Local Procedure Call (CVE-2022-30224) - Medium [347]

Description: Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30202.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data

69. Elevation of Privilege - Windows Group Policy (CVE-2022-30205) - Medium [347]

Description: Windows Group Policy Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data

70. Elevation of Privilege - Windows IIS Server (CVE-2022-30209) - Medium [347]

Description: Windows IIS Server Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.4. Based on Microsoft data

71. Elevation of Privilege - Windows Media Player Network Sharing Service (CVE-2022-30225) - Medium [347]

Description: Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data

tenable: During most Patch Tuesday releases, Microsoft assigns a single impact for each CVE listed. However, in this month’s Patch Tuesday release, Microsoft assigned an additional impact for two CVEs, CVE-2022-22043 and CVE-2022-30225. As a result, we’ve counted these CVEs twice in the Count by Impact chart.

72. Elevation of Privilege - Windows Print Spooler (CVE-2022-22022) - Medium [347]

Description: Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data

tenable: CVE-2022-22022, CVE-2022-22041, CVE-2022-30206 and CVE-2022-30226 are all EoP vulnerabilities in Windows Print Spooler components. After the deluge of vulnerability disclosures kicked off by PrintNightmare in August 2021, June 2022 was the first month in which Microsoft did not release any patches for Print Spooler. On balance, Microsoft has patched four high severity vulnerabilities in the service, all of which were rated “Exploitation Less Likely” based on Microsoft’s Exploitability Index. Three of the vulnerabilities were credited to researchers who disclosed Print Spooler flaws during the PrintNightmare saga last year. Xuefeng Li and Zhiniang Peng with Sangfor were the ones to kick it all off in late June 2021.

tenable: While the four vulnerabilities received somewhat similar CVSSv3 scores (listed in the table below), they grant attackers different levels of privilege escalation if exploited. CVE-2022-22022 and CVE-2022-30226 only allow an attacker to delete targeted files on a system while CVE-2022-22041 and CVE-2022-30206 could grant an attacker SYSTEM privileges.

73. Elevation of Privilege - Windows Print Spooler (CVE-2022-30226) - Medium [347]

Description: Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data

tenable: CVE-2022-22022, CVE-2022-22041, CVE-2022-30206 and CVE-2022-30226 are all EoP vulnerabilities in Windows Print Spooler components. After the deluge of vulnerability disclosures kicked off by PrintNightmare in August 2021, June 2022 was the first month in which Microsoft did not release any patches for Print Spooler. On balance, Microsoft has patched four high severity vulnerabilities in the service, all of which were rated “Exploitation Less Likely” based on Microsoft’s Exploitability Index. Three of the vulnerabilities were credited to researchers who disclosed Print Spooler flaws during the PrintNightmare saga last year. Xuefeng Li and Zhiniang Peng with Sangfor were the ones to kick it all off in late June 2021.

tenable: While the four vulnerabilities received somewhat similar CVSSv3 scores (listed in the table below), they grant attackers different levels of privilege escalation if exploited. CVE-2022-22022 and CVE-2022-30226 only allow an attacker to delete targeted files on a system while CVE-2022-22041 and CVE-2022-30206 could grant an attacker SYSTEM privileges.

74. Elevation of Privilege - Azure Site Recovery (CVE-2022-33652) - Medium [341]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.4. Based on Microsoft data

75. Elevation of Privilege - Azure Site Recovery (CVE-2022-33658) - Medium [341]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.4. Based on Microsoft data

76. Information Disclosure - Azure Storage Library (CVE-2022-30187) - Medium [335]

Description: Azure Storage Library Information Disclosure Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0.4 | 17 | The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure
Vulnerable Product is Common | 0.5 | 14 | Azure Storage Library
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.7. Based on Microsoft data

77. Security Feature Bypass - Microsoft Edge (CVE-2022-2160) - Medium [333]

Description: Chromium: CVE-2022-2160 Insufficient policy enforcement in DevTools. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2160 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

78. Security Feature Bypass - Microsoft Edge (CVE-2022-2162) - Medium [333]

Description: Chromium: CVE-2022-2162 Insufficient policy enforcement in File System API. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2162 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

79. Security Feature Bypass - Microsoft Edge (CVE-2022-2165) - Medium [333]

Description: Chromium: CVE-2022-2165 Insufficient data validation in URL formatting. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2165 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

80. Tampering - Windows Server Service (CVE-2022-30216) - Medium [333]

Description: Windows Server Service Tampering Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.3 | 15 | Tampering
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data

zdi: CVE-2022-30216 – Windows Server Service Tampering Vulnerability. This patch corrects a tampering vulnerability in the Windows Server Service that could allow an authenticated attacker to upload a malicious certificate to a target server. While this is listed as “Tampering”, an attacker who could install their own certificate on a target system could use this bug for various purposes, including code execution. While tampering bugs don’t often get much attention, Microsoft does give this its highest exploit index rating, meaning they expect active exploits within 30 days. Definitely test and deploy this patch quickly – especially to your critical servers.

81. Information Disclosure - Windows BitLocker (CVE-2022-22711) - Medium [327]

Description: Windows BitLocker Information Disclosure Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.7. Based on Microsoft data

82. Information Disclosure - Windows Kernel (CVE-2022-21845) - Medium [318]

Description: Windows Kernel Information Disclosure Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure
Vulnerable Product is Common | 0.9 | 14 | Windows Kernel
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.7. Based on Microsoft data

83. Information Disclosure - Windows GDI (CVE-2022-30213) - Medium [313]

Description: Windows GDI+ Information Disclosure Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data

84. Information Disclosure - Windows Network File System (CVE-2022-22028) - Medium [313]

Description: Windows Network File System Information Disclosure Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.9. Based on Microsoft data

tenable: CVE-2022-22028 is an information disclosure vulnerability, while CVE-2022-22029 and CVE-2022-22039 are RCE vulnerabilities in the Windows Network File System (NFS). All three flaws were assigned an “Exploitation Less Likely” because these flaws have high attack complexity. In the case of CVE-2022-22029, an attacker would need to “invest time in repeated exploitation attempts” by “sending constant or intermittent data.” Both CVE-2022-22028 and CVE-2022-22039 require an attacker to “win a race condition” in order to exploit these vulnerabilities.

85. Information Disclosure - Windows Connected Devices Platform Service (CVE-2022-30212) - Medium [300]

Description: Windows Connected Devices Platform Service Information Disclosure Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure
Vulnerable Product is Common | 0.8 | 14 | Windows component
CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.7. Based on Microsoft data

86. Memory Corruption - AMD Processor (CVE-2022-23816) - Medium [291]

Description: AMD: CVE-2022-23816 AMD CPU Branch Type Confusion

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption
Vulnerable Product is Common | 0.9 | 14 | Processor
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

87. Memory Corruption - AMD Processor (CVE-2022-23825) - Medium [291]

Description: AMD: CVE-2022-23825 AMD CPU Branch Type Confusion

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption
Vulnerable Product is Common | 0.9 | 14 | Processor
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

88. Elevation of Privilege - Azure Site Recovery (CVE-2022-33677) - Medium [290]

Description: Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Azure Site Recovery
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data

89. Elevation of Privilege - Xbox Live Save Service (CVE-2022-33644) - Medium [290]

Description: Xbox Live Save Service Elevation of Privilege Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege
Vulnerable Product is Common | 0.5 | 14 | Xbox Live Save Service
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data

90. Information Disclosure - Windows Hyper-V (CVE-2022-22042) - Medium [289]

Description: Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30223.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure
Vulnerable Product is Common | 0.6 | 14 | Hardware virtualization component of the client editions of Windows NT
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

91. Information Disclosure - Windows Hyper-V (CVE-2022-30223) - Medium [275]

Description: Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22042.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure
Vulnerable Product is Common | 0.6 | 14 | Hardware virtualization component of the client editions of Windows NT
CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.7. Based on Microsoft data

92. Memory Corruption - Microsoft Edge (CVE-2022-2156) - Medium [272]

Description: Chromium: CVE-2022-2156 Use after free in Base. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2156 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

93. Memory Corruption - Microsoft Edge (CVE-2022-2157) - Medium [272]

Description: Chromium: CVE-2022-2157 Use after free in Interest groups. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2157 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

94. Memory Corruption - Microsoft Edge (CVE-2022-2158) - Medium [272]

Description: Chromium: CVE-2022-2158 Type Confusion in V8. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2158 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

95. Memory Corruption - Microsoft Edge (CVE-2022-2161) - Medium [272]

Description: Chromium: CVE-2022-2161 Use after free in WebApp Provider. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2161 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

96. Memory Corruption - Microsoft Edge (CVE-2022-2163) - Medium [272]

Description: Chromium: CVE-2022-2163 Use after free in Cast UI and Toolbar. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2163 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

97. Memory Corruption - Microsoft Edge (CVE-2022-2295) - Medium [272]

Description: Chromium: CVE-2022-2295 Type Confusion in V8. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2295 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

qualys: Microsoft Last But Not Least. Earlier in July, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities CVE-2022-2294 and CVE-2022-2295. The vulnerability assigned to each of these CVEs is in the Chromium Open Source Software (OSS) which is consumed by Microsoft Edge. It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

98. Tampering - Microsoft Defender for Endpoint (CVE-2022-33637) - Medium [250]

Description: Microsoft Defender for Endpoint Tampering Vulnerability.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0.3 | 15 | Tampering
Vulnerable Product is Common | 0.5 | 14 | Microsoft Defender for Endpoint
CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data

Low (1)

99. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-2164) - Low [151]

Description: Chromium: CVE-2022-2164 Inappropriate implementation in Extensions API. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Vulners: This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Component | Value | Weight | Comment
Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists | 0 | 17 | The existence of a public exploit is NOT mentioned on Vulners and Microsoft websites
Criticality of Vulnerability Type | 0 | 15 | Unknown Vulnerability Type
Vulnerable Product is Common | 0.8 | 14 | Web browser
CVSS Base Score | 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data.

MS PT Extended: CVE-2022-2164 was published before July 2022 Patch Tuesday from 2022-06-15 to 2022-07-11

Exploitation in the wild detected (2)

Elevation of Privilege (1)

Memory Corruption (1)

Public exploit exists, but exploitation in the wild is NOT detected (0)

Other Vulnerabilities (97)

Remote Code Execution (12)

Elevation of Privilege (55)

Security Feature Bypass (8)

Denial of Service (3)

Information Disclosure (8)

Tampering (2)

Memory Corruption (8)

Unknown Vulnerability Type (1)