by vicarius
log in join community
by @khurram.arif
12 Nov 2022
#cve_analysis

Write a blog analysis for a CVE

publish

Microsoft Support Diagnostic Tool Remote Code Execution Vulnerability - CVE-2022-30190

by @khurram.arif
by @khurram.arif
12 Nov 2022
#cve_analysis

Write a blog analysis for a CVE

publish

Microsoft Support Diagnostic Tool Remote Code Execution Vulnerability - CVE-2022-30190

CVEs

CVE-2022-30190
7.8 High Severity

OS

Windows 8.1
Windows 8.1Microsoft
6.3.9600.20520.*
6.3.9600.20520.*
RT.*
*.*
*.*
*.*
*.*
-.*
-.*
-.*
WR8
Windows RT 8.1Microsoft
6.3.9600.20520.*
*.*
*.*
*.*
-.*
-.*
-.*
Windows Server 2012
Windows Server 2012Microsoft
7382.*
7375.*
6.2.9200.25073.*
6.2.9200.24975.*
6.2.9200.25031.*
6.2.9200.24919.*
6.2.9200.24768.*
6.2.9200.24116.*
4113.*
Null.*
Windows Server 2016
Windows Server 2016Microsoft
10.0.14393.8594.*
10.0.14393.8524.*
10.0.14393.8519.*
10.0.14393.8519.*
10.0.14393.8422.*
10.0.14393.8416.*
10.0.14393.8330.*
10.0.14393.8246.*
10.0.14393.8066.*
10.0.14393.8148.*
Windows Server 2019
Windows Server 2019Microsoft
10.0.17763.8027.*
10.0.17763.7922.*
10.0.17763.7919.*
10.0.17763.7792.*
10.0.17763.7783.*
10.0.17763.7678.*
10.0.17763.7558.*
10.0.17763.7136.*
10.0.17763.7434.*
10.0.17763.7314.*

Screenshots from the blog posts

blog-posts/images/cladoihu86lmn0koi8u4hcrs8.jpgblog-posts/images/cladoihu86lmn0koi8u4hcrs8.jpg

Summary

ZERO-DAY vulnerability reported in May, 2022 remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Microsoft Word.

Description

Tags

#CVE-2022-30190#MSDT#remotecodeexecution
users/photos/cl9u4ikuuft0d0llg3b78egln.png

@khurram.arif

11 posts

Total vcoins

0

Comments (0)