Security
Headlines
HeadlinesLatestCVEs

Tag

#Security Vulnerability

CVE-2022-37978: Windows Active Directory Certificate Services Security Feature Bypass

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a man-in-the-middle (MITM) attack.

Microsoft Security Response Center
Open in Source
#vulnerability#web#windows#Windows Active Directory Certificate Services#Security Vulnerability
CVE-2022-38032: Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability

**In what scenarios can the security feature be bypassed?** On machines with slow or older USB controller hardware, the Group policy might have (silently) failed to apply. On such machines, the attacker can trivially exploit this enforcement failure by attaching a USB storage device to the affected machine.

CVE-2022-37982: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.

CVE-2022-38028: Windows Print Spooler Elevation of Privilege Vulnerability

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2022-37984: Windows WLAN Service Elevation of Privilege Vulnerability

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2022-38016: Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** This vulnerability could lead to a contained execution environment escape. Please refer to https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation

CVE-2022-41081: Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2022-38030: Windows USB Serial Driver Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unintentional read access from uninitialized memory, which can be from either kernel memory or another user-mode process.

CVE-2022-37981: Windows Event Logging Service Denial of Service Vulnerability

**According to the CVSS metric, availability is low (A:L). How could an attacker impact the availability?** The performance can be interrupted and/or reduced, but the attacker cannot fully deny service.

CVE-2022-37975: Windows Group Policy Elevation of Privilege Vulnerability

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.