Report Name: Microsoft Patch Tuesday, March 2022Generated: 2022-03-13 14:29:53
| Product Name | Prevalence | U | C | H | M | L | Comment |
|---|---|---|---|---|---|---|---|
| Windows SMB | 1 | 1 | Windows SMB | ||||
| Windows Kernel | 0.9 | 1 | 10 | Windows Kernel | |||
| Media Foundation | 0.8 | 2 | Windows component | ||||
| Microsoft Defender | 0.8 | 1 | Anti-malware component of Microsoft Windows | ||||
| Microsoft Defender for IoT | 0.8 | 1 | 1 | Microsoft Defender for IoT provides comprehensive threat detection for IoT/OT environments | |||
| Microsoft Edge | 0.8 | 1 | 18 | 11 | Web browser | ||
| Microsoft Exchange | 0.8 | 1 | 1 | Exchange | |||
| Windows Ancillary Function Driver for WinSock | 0.8 | 1 | Windows component | ||||
| Windows Cloud Files Mini Filter Driver | 0.8 | 1 | Windows component | ||||
| Windows Common Log File System Driver | 0.8 | 1 | Windows component | ||||
| Windows DWM Core Library | 0.8 | 2 | Windows component | ||||
| Windows Event Tracing | 0.8 | 1 | Windows Event Tracing | ||||
| Windows Fast FAT File System Driver | 0.8 | 1 | Windows component | ||||
| Windows HTML Platforms | 0.8 | 1 | Windows component | ||||
| Windows Installer | 0.8 | 1 | Windows Installer | ||||
| Windows Media | 0.8 | 1 | Windows component | ||||
| Windows NT Lan Manager Datagram Receiver Driver | 0.8 | 1 | Windows component | ||||
| Windows Print Spooler | 0.8 | 1 | Windows component | ||||
| Windows Remote Desktop Client | 0.8 | 2 | Remote Desktop Protocol Client | ||||
| Windows Remote Desktop Protocol | 0.8 | 1 | Windows component | ||||
| Windows Update Stack | 0.8 | 1 | Windows component | ||||
| .NET | 0.7 | 1 | 1 | .NET | |||
| HEVC Video Extensions | 0.7 | 6 | HEVC Video Extensions | ||||
| Paint 3D | 0.7 | 1 | Standard Windows Application | ||||
| Point-to-Point Tunneling Protocol | 0.7 | 1 | The Point to Point Tunneling Protocol (PPTP) is a network protocol used to create VPN tunnels between public networks | ||||
| Raw Image Extension | 0.7 | 2 | Raw Image Extension | ||||
| VP9 Video Extensions | 0.7 | 2 | VP9 is an open and royalty-free video coding format developed by Google | ||||
| HEIF Image Extensions | 0.6 | 1 | The HEIF Image Extension enables Windows 10 devices to read and write files that use the High Efficiency Image File (HEIF) format. | ||||
| Microsoft Office | 0.6 | 1 | Microsoft Office | ||||
| Microsoft Office Visio | 0.6 | 3 | Microsoft Visio | ||||
| Microsoft Word | 0.6 | 1 | MS Office product | ||||
| Skype Extension for Chrome | 0.6 | 1 | This extension enables Skype integration across various online services, including calendars, email, and even social media | ||||
| Windows Hyper-V | 0.6 | 1 | Hardware virtualization component of the client editions of Windows NT | ||||
| Azure | 0.4 | 11 | Azure | ||||
| Brotli Library | 0.4 | 1 | Brotli is a compression algorithm developed by Google and works best for text compression | ||||
| Microsoft Intune Portal for iOS | 0.3 | 1 | iOS store app for Microsoft Intune | ||||
| Visual Studio Code | 0.3 | 1 | Integrated development environment |
| Vulnerability Type | Criticality | U | C | H | M | L | Comment |
|---|---|---|---|---|---|---|---|
| Remote Code Execution | 1.0 | 22 | 6 | Remote Code Execution | |||
| Security Feature Bypass | 0.9 | 1 | 2 | Security Feature Bypass | |||
| Denial of Service | 0.7 | 4 | Denial of Service | ||||
| Memory Corruption | 0.6 | 1 | 18 | Memory Corruption | |||
| Elevation of Privilege | 0.5 | 2 | 23 | Elevation of Privilege | |||
| Information Disclosure | 0.4 | 6 | Information Disclosure | ||||
| Spoofing | 0.4 | 4 | Spoofing | ||||
| Tampering | 0.3 | 1 | Tampering | ||||
| Unknown Vulnerability Type | 0 | 11 | Unknown Vulnerability Type |
1. 
Remote Code Execution - Microsoft Defender for IoT (CVE-2022-23265) - High [586]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0.6 | 17 | Public exploit is mentioned by Microsoft in CVSS Temporal Score (Functional Exploit) | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft Defender for IoT provides comprehensive threat detection for IoT/OT environments | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
2. Remote Code Execution - Windows Remote Desktop Client (CVE-2022-21990) - High [567]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | Public exploit is mentioned by Microsoft in CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Remote Desktop Protocol Client | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
qualys: CVE-2022-21990 and CVE-2022-23285 – Remote Desktop Client Remote Code Execution (RCE) Vulnerability. This vulnerability has a CVSSv3.1 score of 8.8/10. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.
rapid7: Microsoft's March 2022 updates include fixes for 92 CVEs (including 21 from the Chromium project, which is used by their Edge web browser). None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and CVE-2022-21990, affecting Remote Desktop Client, both allow RCE (Remote Code Execution). CVE-2022-24459 is an LPE (local privilege escalation) vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated Important – organizations should remediate at their regular patch cadence.
zdi: CVE-2022-21990 – Remote Desktop Client Remote Code Execution Vulnerability. This client-side bug doesn’t have the same punch as server-side related RDP vulnerabilities, but since it’s listed as publicly known, it makes sense to go ahead and treat this as a Critical-rated bug. If an attacker can lure an affected RDP client to connect to their RDP server, the attacker could trigger code execution on the targeted client. Again, this isn’t as severe as BlueKeep or some of the other RDP server bugs, but it definitely shouldn’t be overlooked.
3. 
Memory Corruption - Microsoft Edge (CVE-2022-0609) - High [516]
Description: Chromium: CVE-2022-0609
| Component | Value | Weight | Comment |
|---|---|---|---|
| 1.0 | 18 | Exploitation in the wild is mentioned at AttackerKB | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0609 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
4. Remote Code Execution - Windows SMB (CVE-2022-24508) - High [513]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 1 | 14 | Windows SMB | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
qualys: CVE-2022-24508 – Windows SMBv3 Client/Server Remote Code Execution (RCE) Vulnerability. This vulnerability has a CVSSv3.1 score of 8.8/10. In addition to releasing an update for this vulnerability, Microsoft has also provided a workaround that may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as they become available even if you plan to leave this workaround in place: This vulnerability exists in a new feature that was added to Windows 10 version 2004 and exists in newer supported versions of Windows. Older versions of Windows are not affected.
rapid7: CVE-2022-24508 is an RCE affecting Windows SMBv3, which has potential for widespread exploitation, assuming an attacker can put together a suitable exploit. Luckily, like this month's Exchange vulnerabilities, this too requires authentication.
zdi: CVE-2022-24508 – Windows SMBv3 Client/Server Remote Code Execution Vulnerability. This bug could allow an attacker to execute code on Windows 10 version 2004 and newer systems. It’s also reminiscent of CVE-2020-0796 from a couple of years ago. Both also list disabling SMBv3 compression as a workaround for SMB servers, but this doesn’t help clients. In 2020, Microsoft noted SMBv3 compression “is not yet used by Windows or Windows Server and disabling SMB Compression has no negative performance impact.” That’s not in the current advisory, so it’s unclear what disabling this feature will have now. Authentication is required here, but since this affected both clients and servers, an attacker could use this for lateral movement within a network. This is another one I would treat as Critical and mitigate quickly.
5. 
Security Feature Bypass - Windows HTML Platforms (CVE-2022-24502) - High [479]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | Public exploit is mentioned by Microsoft in CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Windows component | |
| 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.3. Based on Microsoft data |
6. Remote Code Execution - Microsoft Exchange (CVE-2022-23277) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Exchange | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
qualys: CVE-2022-23277 – Microsoft Exchange Server Remote Code Execution (RCE) Vulnerability. This vulnerability has a CVSSv3.1 score of 8.8/10. The attacker for this vulnerability could target the server accounts in an arbitrary or remote code execution (RCE). As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server’s account through a network call.
rapid7: Three CVEs this month are rated Critical. CVE-2022-22006 and CVE-2022-24501 both affect video codecs. In most cases, these will update automatically via the Microsoft Store. However, any organizations with automatic updates disabled should be sure to push out updates. The vulnerability most likely to raise eyebrows this month is CVE-2022-23277, a Critical RCE affecting Exchange Server. Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it. Although passwords can be obtained via phishing and other means, this one shouldn’t be as rampantly exploited as the deluge of Exchange vulnerabilities we saw throughout 2021. Exchange administrators should still patch as soon as reasonably possible.
zdi: CVE-2022-23277 – Microsoft Exchange Server Remote Code Execution Vulnerability. This Critical-rated bug in Exchange Server was reported by long-time ZDI contributor Markus Wulftange. The vulnerability would allow an authenticated attacker to execute their code with elevated privileges through a network call. This is also listed as low complexity with exploitation more likely, so it would not surprise me to see this bug exploited in the wild soon - despite the authentication requirement. Test and deploy this to your Exchange servers quickly.
7. Remote Code Execution - Windows Event Tracing (CVE-2022-23294) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows Event Tracing | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
8. Remote Code Execution - Windows Remote Desktop Client (CVE-2022-23285) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Remote Desktop Protocol Client | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
qualys: CVE-2022-21990 and CVE-2022-23285 – Remote Desktop Client Remote Code Execution (RCE) Vulnerability. This vulnerability has a CVSSv3.1 score of 8.8/10. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.
9. 
Elevation of Privilege - Windows Kernel (CVE-2022-24459) - High [471]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | Public exploit is mentioned by Microsoft in CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
rapid7: Microsoft's March 2022 updates include fixes for 92 CVEs (including 21 from the Chromium project, which is used by their Edge web browser). None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and CVE-2022-21990, affecting Remote Desktop Client, both allow RCE (Remote Code Execution). CVE-2022-24459 is an LPE (local privilege escalation) vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated Important – organizations should remediate at their regular patch cadence.
10. Remote Code Execution - HEVC Video Extensions (CVE-2022-22006) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | HEVC Video Extensions | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
rapid7: Three CVEs this month are rated Critical. CVE-2022-22006 and CVE-2022-24501 both affect video codecs. In most cases, these will update automatically via the Microsoft Store. However, any organizations with automatic updates disabled should be sure to push out updates. The vulnerability most likely to raise eyebrows this month is CVE-2022-23277, a Critical RCE affecting Exchange Server. Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it. Although passwords can be obtained via phishing and other means, this one shouldn’t be as rampantly exploited as the deluge of Exchange vulnerabilities we saw throughout 2021. Exchange administrators should still patch as soon as reasonably possible.
11. Remote Code Execution - HEVC Video Extensions (CVE-2022-22007) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | HEVC Video Extensions | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
12. Remote Code Execution - HEVC Video Extensions (CVE-2022-23301) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | HEVC Video Extensions | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
13. Remote Code Execution - HEVC Video Extensions (CVE-2022-24452) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | HEVC Video Extensions | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
14. Remote Code Execution - HEVC Video Extensions (CVE-2022-24453) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | HEVC Video Extensions | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
15. Remote Code Execution - HEVC Video Extensions (CVE-2022-24456) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | HEVC Video Extensions | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
16. Remote Code Execution - Paint 3D (CVE-2022-23282) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | Standard Windows Application | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
17. Remote Code Execution - Raw Image Extension (CVE-2022-23295) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | Raw Image Extension | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
18. Remote Code Execution - Raw Image Extension (CVE-2022-23300) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | Raw Image Extension | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
19. Remote Code Execution - VP9 Video Extensions (CVE-2022-24451) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | VP9 is an open and royalty-free video coding format developed by Google | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
20. Remote Code Execution - VP9 Video Extensions (CVE-2022-24501) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | VP9 is an open and royalty-free video coding format developed by Google | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
rapid7: Three CVEs this month are rated Critical. CVE-2022-22006 and CVE-2022-24501 both affect video codecs. In most cases, these will update automatically via the Microsoft Store. However, any organizations with automatic updates disabled should be sure to push out updates. The vulnerability most likely to raise eyebrows this month is CVE-2022-23277, a Critical RCE affecting Exchange Server. Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it. Although passwords can be obtained via phishing and other means, this one shouldn’t be as rampantly exploited as the deluge of Exchange vulnerabilities we saw throughout 2021. Exchange administrators should still patch as soon as reasonably possible.
21. Elevation of Privilege - Windows Print Spooler (CVE-2022-23284) - High [439]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | Public exploit is mentioned by Microsoft in CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
22. Remote Code Execution - HEIF Image Extensions (CVE-2022-24457) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | The HEIF Image Extension enables Windows 10 devices to read and write files that use the High Efficiency Image File (HEIF) format. | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
23. Remote Code Execution - Microsoft Office Visio (CVE-2022-24461) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Visio | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
24. Remote Code Execution - Microsoft Office Visio (CVE-2022-24509) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Visio | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
25. Remote Code Execution - Microsoft Office Visio (CVE-2022-24510) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Visio | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
26. Remote Code Execution - .NET (CVE-2022-24512) - High [416]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | .NET | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.3. Based on Microsoft data |
rapid7: Microsoft's March 2022 updates include fixes for 92 CVEs (including 21 from the Chromium project, which is used by their Edge web browser). None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and CVE-2022-21990, affecting Remote Desktop Client, both allow RCE (Remote Code Execution). CVE-2022-24459 is an LPE (local privilege escalation) vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated Important – organizations should remediate at their regular patch cadence.
27. 
Denial of Service - .NET (CVE-2022-24464) - Medium [382]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.7 | 15 | Denial of Service | |
| 0.7 | 14 | .NET | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
28. Elevation of Privilege - Windows Kernel (CVE-2022-23290) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
29. Elevation of Privilege - Windows Kernel (CVE-2022-23299) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
30. Elevation of Privilege - Windows Kernel (CVE-2022-24454) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
31. Elevation of Privilege - Windows Kernel (CVE-2022-24455) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
32. Security Feature Bypass - Microsoft Word (CVE-2022-24462) - Medium [377]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.6 | 14 | MS Office product | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
33. Denial of Service - Windows Media (CVE-2022-21973) - Medium [374]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
34. Remote Code Execution - Azure (CVE-2022-24467) - Medium [372]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
35. Remote Code Execution - Azure (CVE-2022-24468) - Medium [372]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
36. Remote Code Execution - Azure (CVE-2022-24470) - Medium [372]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
37. Remote Code Execution - Azure (CVE-2022-24471) - Medium [372]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
38. Remote Code Execution - Azure (CVE-2022-24517) - Medium [372]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
39. Remote Code Execution - Azure (CVE-2022-24520) - Medium [372]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
40. Denial of Service - Point-to-Point Tunneling Protocol (CVE-2022-23253) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.7 | 15 | Denial of Service | |
| 0.7 | 14 | The Point to Point Tunneling Protocol (PPTP) is a network protocol used to create VPN tunnels between public networks | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
41. Elevation of Privilege - Windows Kernel (CVE-2022-21967) - Medium [366]
Description: Xbox Live Auth Manager for
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
zdi: CVE-2022-21967 – Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability. This appears to be the first security patch impacting Xbox specifically. There was an advisory for an inadvertently disclosed Xbox Live certificate back in 2015, but this seems to be the first security-specific update for the device itself. Microsoft even notes other Windows OSes are not affected by this bug. It’s not clear how an attacker could escalate privileges using this vulnerability, but the Auth Manager component is listed as affected. This service handles interacting with the Xbox Live service. I doubt many enterprises are reliant on Xbox or Xbox Live, but if you are, make sure this patch doesn’t go unnoticed.
42. Elevation of Privilege - Windows Kernel (CVE-2022-23283) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
43. Elevation of Privilege - Windows Kernel (CVE-2022-23287) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
44. Elevation of Privilege - Windows Kernel (CVE-2022-23298) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
45. Elevation of Privilege - Windows Kernel (CVE-2022-24460) - Medium [366]
Description: Tablet
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
46. Elevation of Privilege - Windows Kernel (CVE-2022-24505) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
47. Elevation of Privilege - Microsoft Defender for IoT (CVE-2022-23266) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Microsoft Defender for IoT provides comprehensive threat detection for IoT/OT environments | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
48. Elevation of Privilege - Windows Ancillary Function Driver for WinSock (CVE-2022-24507) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
49. Elevation of Privilege - Windows DWM Core Library (CVE-2022-23291) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
50. Elevation of Privilege - Windows Fast FAT File System Driver (CVE-2022-23293) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
51. Elevation of Privilege - Windows Installer (CVE-2022-23296) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows Installer | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
52. Elevation of Privilege - Windows Cloud Files Mini Filter Driver (CVE-2022-23286) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
53. Elevation of Privilege - Windows DWM Core Library (CVE-2022-23288) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
54. Elevation of Privilege - Windows Update Stack (CVE-2022-24525) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
55. 
Spoofing - Microsoft Exchange (CVE-2022-24463) - Medium [327]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Exchange | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
56. Denial of Service - Windows Hyper-V (CVE-2022-21975) - Medium [322]
Description: Windows
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.7 | 15 | Denial of Service | |
| 0.6 | 14 | Hardware virtualization component of the client editions of Windows NT | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.7. Based on Microsoft data |
57. 
Information Disclosure - Windows Common Log File System Driver (CVE-2022-23281) - Medium [313]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
58. Information Disclosure - Windows NT Lan Manager Datagram Receiver Driver (CVE-2022-23297) - Medium [313]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
59. Spoofing - Microsoft Defender (CVE-2022-23278) - Medium [313]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Anti-malware component of Microsoft Windows | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.9. Based on Microsoft data |
60. Information Disclosure - Skype Extension for Chrome (CVE-2022-24522) - Medium [302]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Information Disclosure | |
| 0.6 | 14 | This extension enables Skype integration across various online services, including calendars, email, and even social media | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
61. Information Disclosure - Windows Remote Desktop Protocol (CVE-2022-24503) - Medium [300]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.4. Based on Microsoft data |
62. Spoofing - Microsoft Edge (CVE-2022-23264) - Medium [300]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Web browser | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.7. Based on Microsoft data |
MS PT Extended: CVE-2022-23264 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
63. Memory Corruption - Brotli Library (CVE-2020-8927) - Medium [291]
Description: {'ms_cve_data_all': 'Brotli Library Buffer Overflow Vulnerability', 'nvd_cve_data_all': 'A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.4 | 14 | Brotli is a compression algorithm developed by Google and works best for text compression | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
64. Information Disclosure - Media Foundation (CVE-2022-22010) - Medium [286]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.4. Based on Microsoft data |
65. Elevation of Privilege - Azure (CVE-2022-24469) - Medium [285]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.4 | 14 | Azure | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
qualys: CVE-2022-24469 – Azure Site Recovery Elevation of Privilege Vulnerability. This vulnerability has a CVSSv3.1 score of 8.1/10. An attacker can call Azure Site Recovery APIs provided by the Configuration Server and in turn, get access to configuration data including credentials for the protected systems. Using the APIs, the attacker can also modify/delete configuration data which in turn will impact Site Recovery operation.
66. Security Feature Bypass - Microsoft Intune Portal for iOS (CVE-2022-24465) - Medium [279]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.3 | 14 | iOS store app for Microsoft Intune | |
| 0.3 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 3.3. Based on Microsoft data |
67. Information Disclosure - Media Foundation (CVE-2022-21977) - Medium [272]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.3 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 3.3. Based on Microsoft data |
68. Memory Corruption - Microsoft Edge (CVE-2022-0603) - Medium [272]
Description: Chromium: CVE-2022-0603
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0603 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
69. Memory Corruption - Microsoft Edge (CVE-2022-0604) - Medium [272]
Description: Chromium: CVE-2022-0604 Heap
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0604 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
70. Memory Corruption - Microsoft Edge (CVE-2022-0605) - Medium [272]
Description: Chromium: CVE-2022-0605
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0605 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
71. Memory Corruption - Microsoft Edge (CVE-2022-0606) - Medium [272]
Description: Chromium: CVE-2022-0606
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0606 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
72. Memory Corruption - Microsoft Edge (CVE-2022-0607) - Medium [272]
Description: Chromium: CVE-2022-0607
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0607 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
73. Memory Corruption - Microsoft Edge (CVE-2022-0789) - Medium [272]
Description: Chromium: CVE-2022-0789 Heap
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0789 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
74. Memory Corruption - Microsoft Edge (CVE-2022-0790) - Medium [272]
Description: Chromium: CVE-2022-0790
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0790 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
75. Memory Corruption - Microsoft Edge (CVE-2022-0791) - Medium [272]
Description: Chromium: CVE-2022-0791
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0791 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
76. Memory Corruption - Microsoft Edge (CVE-2022-0793) - Medium [272]
Description: Chromium: CVE-2022-0793
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0793 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
77. Memory Corruption - Microsoft Edge (CVE-2022-0794) - Medium [272]
Description: Chromium: CVE-2022-0794
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0794 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
78. Memory Corruption - Microsoft Edge (CVE-2022-0796) - Medium [272]
Description: Chromium: CVE-2022-0796
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0796 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
79. Memory Corruption - Microsoft Edge (CVE-2022-0797) - Medium [272]
Description: Chromium: CVE-2022-0797
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0797 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
80. Memory Corruption - Microsoft Edge (CVE-2022-0798) - Medium [272]
Description: Chromium: CVE-2022-0798
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0798 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
81. Memory Corruption - Microsoft Edge (CVE-2022-0800) - Medium [272]
Description: Chromium: CVE-2022-0800 Heap
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0800 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
82. Memory Corruption - Microsoft Edge (CVE-2022-0805) - Medium [272]
Description: Chromium: CVE-2022-0805
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0805 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
83. Memory Corruption - Microsoft Edge (CVE-2022-0808) - Medium [272]
Description: Chromium: CVE-2022-0808
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0808 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
84. Memory Corruption - Microsoft Edge (CVE-2022-0809) - Medium [272]
Description: Chromium: CVE-2022-0809
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0809 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
85. Elevation of Privilege - Azure (CVE-2022-24506) - Medium [271]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
86. Elevation of Privilege - Azure (CVE-2022-24515) - Medium [271]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
87. Elevation of Privilege - Azure (CVE-2022-24518) - Medium [271]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
88. Elevation of Privilege - Azure (CVE-2022-24519) - Medium [271]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
89. 
Tampering - Microsoft Office (CVE-2022-24511) - Medium [255]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.3 | 15 | Tampering | |
| 0.6 | 14 | Microsoft Office | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
90. Spoofing - Visual Studio Code (CVE-2022-24526) - Medium [218]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0.4 | 15 | Spoofing | |
| 0.3 | 14 | Integrated development environment | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.1. Based on Microsoft data |
91. 
Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0608) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0608 Integer overflow in Mojo. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0608 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
92. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0610) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0610 Inappropriate implementation in Gamepad API. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0610 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
93. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0792) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0792 Out of bounds read in ANGLE. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': '', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0792 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
94. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0795) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0795 Type Confusion in Blink Layout. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': '', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0795 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
95. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0799) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0799 Insufficient policy enforcement in Installer. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': '', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0799 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
96. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0801) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0801 Inappropriate implementation in HTML parser. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': '', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0801 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
97. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0802) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0802 Inappropriate implementation in Full screen mode. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': '', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0802 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
98. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0803) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0803 Inappropriate implementation in Permissions. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': '', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0803 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
99. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0804) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0804 Inappropriate implementation in Full screen mode. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': '', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0804 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
100. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0806) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0806 Data leak in Canvas. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': '', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0806 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
101. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-0807) - Low [151]
Description: {'ms_cve_data_all': 'Chromium: CVE-2022-0807 Inappropriate implementation in Autofill. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': '', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners or Microsoft website | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2022-0807 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
Memory Corruption (1)MS PT Extended: CVE-2022-0609 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
Remote Code Execution (28)qualys: CVE-2022-21990 and CVE-2022-23285 – Remote Desktop Client Remote Code Execution (RCE) Vulnerability. This vulnerability has a CVSSv3.1 score of 8.8/10. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.
rapid7: Microsoft's March 2022 updates include fixes for 92 CVEs (including 21 from the Chromium project, which is used by their Edge web browser). None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and CVE-2022-21990, affecting Remote Desktop Client, both allow RCE (Remote Code Execution). CVE-2022-24459 is an LPE (local privilege escalation) vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated Important – organizations should remediate at their regular patch cadence.
zdi: CVE-2022-21990 – Remote Desktop Client Remote Code Execution Vulnerability. This client-side bug doesn’t have the same punch as server-side related RDP vulnerabilities, but since it’s listed as publicly known, it makes sense to go ahead and treat this as a Critical-rated bug. If an attacker can lure an affected RDP client to connect to their RDP server, the attacker could trigger code execution on the targeted client. Again, this isn’t as severe as BlueKeep or some of the other RDP server bugs, but it definitely shouldn’t be overlooked.
qualys: CVE-2022-24508 – Windows SMBv3 Client/Server Remote Code Execution (RCE) Vulnerability. This vulnerability has a CVSSv3.1 score of 8.8/10. In addition to releasing an update for this vulnerability, Microsoft has also provided a workaround that may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as they become available even if you plan to leave this workaround in place: This vulnerability exists in a new feature that was added to Windows 10 version 2004 and exists in newer supported versions of Windows. Older versions of Windows are not affected.
rapid7: CVE-2022-24508 is an RCE affecting Windows SMBv3, which has potential for widespread exploitation, assuming an attacker can put together a suitable exploit. Luckily, like this month's Exchange vulnerabilities, this too requires authentication.
zdi: CVE-2022-24508 – Windows SMBv3 Client/Server Remote Code Execution Vulnerability. This bug could allow an attacker to execute code on Windows 10 version 2004 and newer systems. It’s also reminiscent of CVE-2020-0796 from a couple of years ago. Both also list disabling SMBv3 compression as a workaround for SMB servers, but this doesn’t help clients. In 2020, Microsoft noted SMBv3 compression “is not yet used by Windows or Windows Server and disabling SMB Compression has no negative performance impact.” That’s not in the current advisory, so it’s unclear what disabling this feature will have now. Authentication is required here, but since this affected both clients and servers, an attacker could use this for lateral movement within a network. This is another one I would treat as Critical and mitigate quickly.
qualys: CVE-2022-23277 – Microsoft Exchange Server Remote Code Execution (RCE) Vulnerability. This vulnerability has a CVSSv3.1 score of 8.8/10. The attacker for this vulnerability could target the server accounts in an arbitrary or remote code execution (RCE). As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server’s account through a network call.
rapid7: Three CVEs this month are rated Critical. CVE-2022-22006 and CVE-2022-24501 both affect video codecs. In most cases, these will update automatically via the Microsoft Store. However, any organizations with automatic updates disabled should be sure to push out updates. The vulnerability most likely to raise eyebrows this month is CVE-2022-23277, a Critical RCE affecting Exchange Server. Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it. Although passwords can be obtained via phishing and other means, this one shouldn’t be as rampantly exploited as the deluge of Exchange vulnerabilities we saw throughout 2021. Exchange administrators should still patch as soon as reasonably possible.
zdi: CVE-2022-23277 – Microsoft Exchange Server Remote Code Execution Vulnerability. This Critical-rated bug in Exchange Server was reported by long-time ZDI contributor Markus Wulftange. The vulnerability would allow an authenticated attacker to execute their code with elevated privileges through a network call. This is also listed as low complexity with exploitation more likely, so it would not surprise me to see this bug exploited in the wild soon - despite the authentication requirement. Test and deploy this to your Exchange servers quickly.
rapid7: Three CVEs this month are rated Critical. CVE-2022-22006 and CVE-2022-24501 both affect video codecs. In most cases, these will update automatically via the Microsoft Store. However, any organizations with automatic updates disabled should be sure to push out updates. The vulnerability most likely to raise eyebrows this month is CVE-2022-23277, a Critical RCE affecting Exchange Server. Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it. Although passwords can be obtained via phishing and other means, this one shouldn’t be as rampantly exploited as the deluge of Exchange vulnerabilities we saw throughout 2021. Exchange administrators should still patch as soon as reasonably possible.
rapid7: Three CVEs this month are rated Critical. CVE-2022-22006 and CVE-2022-24501 both affect video codecs. In most cases, these will update automatically via the Microsoft Store. However, any organizations with automatic updates disabled should be sure to push out updates. The vulnerability most likely to raise eyebrows this month is CVE-2022-23277, a Critical RCE affecting Exchange Server. Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it. Although passwords can be obtained via phishing and other means, this one shouldn’t be as rampantly exploited as the deluge of Exchange vulnerabilities we saw throughout 2021. Exchange administrators should still patch as soon as reasonably possible.
rapid7: Microsoft's March 2022 updates include fixes for 92 CVEs (including 21 from the Chromium project, which is used by their Edge web browser). None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and CVE-2022-21990, affecting Remote Desktop Client, both allow RCE (Remote Code Execution). CVE-2022-24459 is an LPE (local privilege escalation) vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated Important – organizations should remediate at their regular patch cadence.
Security Feature Bypass (3)Elevation of Privilege (25)rapid7: Microsoft's March 2022 updates include fixes for 92 CVEs (including 21 from the Chromium project, which is used by their Edge web browser). None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and CVE-2022-21990, affecting Remote Desktop Client, both allow RCE (Remote Code Execution). CVE-2022-24459 is an LPE (local privilege escalation) vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated Important – organizations should remediate at their regular patch cadence.
zdi: CVE-2022-21967 – Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability. This appears to be the first security patch impacting Xbox specifically. There was an advisory for an inadvertently disclosed Xbox Live certificate back in 2015, but this seems to be the first security-specific update for the device itself. Microsoft even notes other Windows OSes are not affected by this bug. It’s not clear how an attacker could escalate privileges using this vulnerability, but the Auth Manager component is listed as affected. This service handles interacting with the Xbox Live service. I doubt many enterprises are reliant on Xbox or Xbox Live, but if you are, make sure this patch doesn’t go unnoticed.
qualys: CVE-2022-24469 – Azure Site Recovery Elevation of Privilege Vulnerability. This vulnerability has a CVSSv3.1 score of 8.1/10. An attacker can call Azure Site Recovery APIs provided by the Configuration Server and in turn, get access to configuration data including credentials for the protected systems. Using the APIs, the attacker can also modify/delete configuration data which in turn will impact Site Recovery operation.
Denial of Service (4)Spoofing (4)MS PT Extended: CVE-2022-23264 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
Information Disclosure (6)Memory Corruption (18)MS PT Extended: CVE-2022-0800 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0794 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0809 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0791 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0805 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0797 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0789 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0605 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0607 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0808 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0793 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0796 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0790 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0604 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0606 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0603 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0798 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
Tampering (1)Unknown Vulnerability Type (11)MS PT Extended: CVE-2022-0610 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0806 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0802 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0792 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0803 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0799 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0807 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0608 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0795 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0801 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07
MS PT Extended: CVE-2022-0804 was published before March 2022 Patch Tuesday from 2022-02-09 to 2022-03-07