CVE-2022-24508

HIGH8.8JSON export Create alert

Description

Win32 File Enumeration Remote Code Execution Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / Windows 10 Version 20H210.0.0 – 10.0.19042.1586
Microsoft / Windows 10 Version 21H110.0.0 – 10.0.19043.1586
Microsoft / Windows 10 Version 21H210.0.19043.0 – 10.0.19044.1586
Microsoft / Windows 11 version 21H210.0.0 – 10.0.22000.556
Microsoft / Windows Server 202210.0.20348.0 – 10.0.20348.587
Microsoft / Windows Server version 20H210.0.0 – 10.0.19042.1586

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24508