Microsoft Security Response Center

**According to the CVSS metric, privileges required is high (PR:H). What privileges does an attacker require to exploit this vulnerability?** Successful exploitation of this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.

**Why is this a HackerOne CVE?** This CVE is regarding a vulnerability in the curl open source library which is used by Windows. The July 2022 Windows Security Updates includes the most recent version of this library which addresses the vulnerability and others. Please see curl security problems for information on all of the vulnerabilities that have been addressed.

**According to the CVSS metric, the privileges required is high (PR:H). What privileges are needed by the attacker and how are they used in the context of the remote code execution?** To successfully exploit this vulnerability, the attacker must have write access on the file share, and an active file share administrator account on the target server. With write access, the attacker would need to modify specific files on the target server to trigger code execution.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component.

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**What security feature is bypassed with this vulnerability?** A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data.

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.