Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-34721: Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation.

Microsoft Security Response Center
Open in Source
#vulnerability#web#mac#windows#rce#auth#Windows IKE Extension#Security Vulnerability
CVE-2022-33647: Windows Kerberos Elevation of Privilege Vulnerability

**How could an attacker exploit this vulnerability?** An unauthenticated attacker could perform a man-in-the-middle network exploit to downgrade a client's encryption to the RC4-md4 cypher, followed by cracking the user's cypher key. The attacker could then compromise the user's Kerberos session key to elevate privileges.

CVE-2022-34723: Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could view the data protection API (DPAPI) master key.

CVE-2022-35831: Windows Remote Access Connection Manager Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited the vulnerability could potentially read small portions of heap memory.

CVE-2022-38005: Windows Print Spooler Elevation of Privilege Vulnerability

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2022-34729: Windows GDI Elevation of Privilege Vulnerability

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2022-37956: Windows Kernel Elevation of Privilege Vulnerability

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2022-30170: Windows Credential Roaming Service Elevation of Privilege Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** Exploitation of the vulnerability requires that a user to log in to Windows.

CVE-2022-30200: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?** The word **Remote** in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the **Attack Vector** is **Local** and **User Interaction** is **Required**, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.