CVE-2022-21961: Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

According to the score, the attack vector is Physical. How would an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device.

Are there additional attack vectors?

This vulnerability can also be exploited through a Local attack vector. An attacker authenticated as an administrator on a vulnerable system could mount a specially crafted virtual hard drive (VHD) to exploit the system. This scenario results in a lower CVSS score which is why the primary attack vector is listed as Physical in our documentation.