CVE-2022-30190

Warnung

Exploit

EPSS 93.46%
Veröffentlicht 01.06.2022 20:15:07
Zuletzt bearbeitet 30.10.2025 19:19:41
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.
Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability.

Betroffene Produkte Warnungen 2 Metriken 4 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows 10 1507 Version < 10.0.10240.19325

Microsoft ≫ Windows 10 1607 Version < 10.0.14393.5192

Microsoft ≫ Windows 10 1809 Version < 10.0.17763.3046

Microsoft ≫ Windows 10 20h2 Version < 10.0.19042.1766

Microsoft ≫ Windows 10 21h1 Version < 10.0.19043.1766

Microsoft ≫ Windows 10 21h2 Version < 10.0.19044.1766

Microsoft ≫ Windows 11 21h2 Version < 10.0.22000.739

Microsoft ≫ Windows 7 Version- Updatesp1

Microsoft ≫ Windows 8.1 Version-

Microsoft ≫ Windows Rt 8.1 Version-

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1

Microsoft ≫ Windows Server 2012 Version-

Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ Windows Server 2016 Version < 10.0.14393.5192

Microsoft ≫ Windows Server 2019 Version < 10.0.17763.3046

Microsoft ≫ Windows Server 2022 Version < 10.0.20348.770

Microsoft ≫ Windows Server 20h2 Version < 10.0.19042.1766

14.06.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

Schwachstelle

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

31.05.2022: CERT.at Warnung

https://www.cert.at/de/warnungen/2022/5/remote-code-execution-schwachstelle-in-microsoft-windows-workarounds-verfugbar

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	93.46%	0.998

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
secure@microsoft.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190

Vendor Advisory

http://packetstormsecurity.com/files/167438/Microsoft-Office-Word-MSDTJS-Code-Execution.html

Third Party Advisory

Exploit

VDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30190

Patch

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30190

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2022-30190

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-30190

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-30190

EUVD