CVE-2022-30190

Warning

Exploit

EPSS 93.46%
Published 01.06.2022 20:15:07
Last modified 02.01.2025 19:16:22
Source secure@microsoft.com
Teams watchlist Login
Open Login

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.
Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability.

Affected products Warnungen 2 Metrics 4 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 10 1507 Version < 10.0.10240.19325

Microsoft ≫ Windows 10 1607 Version < 10.0.14393.5192

Microsoft ≫ Windows 10 1809 Version < 10.0.17763.3046

Microsoft ≫ Windows 10 20h2 Version < 10.0.19042.1766

Microsoft ≫ Windows 10 21h1 Version < 10.0.19043.1766

Microsoft ≫ Windows 10 21h2 Version < 10.0.19044.1766

Microsoft ≫ Windows 11 21h2 Version < 10.0.22000.739

Microsoft ≫ Windows 7 Version- Updatesp1

Microsoft ≫ Windows 8.1 Version-

Microsoft ≫ Windows Rt 8.1 Version-

Microsoft ≫ Windows Server 2008 Version- Updatesp2

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1

Microsoft ≫ Windows Server 2012 Version-

Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ Windows Server 2016 Version < 10.0.14393.5192

Microsoft ≫ Windows Server 2019 Version < 10.0.17763.3046

Microsoft ≫ Windows Server 2022 Version < 10.0.20348.770

Microsoft ≫ Windows Server 20h2 Version < 10.0.19042.1766

14.06.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.

Description

Apply updates per vendor instructions.

Required actions

31.05.2022: CERT.at Warnung

https://www.cert.at/de/warnungen/2022/5/remote-code-execution-schwachstelle-in-microsoft-windows-workarounds-verfugbar

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	93.46%	0.998

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
secure@microsoft.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-610 Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190

http://packetstormsecurity.com/files/167438/Microsoft-Office-Word-MSDTJS-Code-Execution.html

Third Party Advisory

Exploit

VDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30190

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-30190

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-30190

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-30190

EUVD