Unknown
CVE-2022-34721
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(1 user assessed)
Unknown
(1 user assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Description
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
Add Assessment
Technical Analysis
I must be missing something as the PoC script *https://github.com/78ResearchLab/PoC/blob/main/CVE-2022-34721/CVE-2022-34721.py) does not execute any exception/BSOD let alone the RCE.
From what I can see, the script does not carry any RCE payload, but I thought it would at least cause some app/os exception.
When I fire it up against w2k19 VPN server, nothing happens.
I would have expected that at least some kind of unhandled exception/BSOD occurred, but nothing …
Would you also like to delete your Exploited in the Wild Report?
Delete Assessment Only Delete Assessment and Exploited in the Wild ReportGeneral Information
Vendors
- Microsoft
Products
- Windows 10 Version 1809,
- Windows Server 2019,
- Windows 10 Version 21H1,
- Windows Server 2022,
- Windows 10 Version 20H2,
- Windows 11 version 21H2,
- Windows 10 Version 21H2,
- Windows 10 Version 1507,
- Windows 10 Version 1607,
- Windows Server 2016,
- Windows 7,
- Windows 8.1,
- Windows Server 2008,
- Windows Server 2008 R2,
- Windows Server 2012,
- Windows Server 2012 R2
Exploited in the Wild
Would you like to delete this Exploited in the Wild Report?
Yes, delete this reportReferences
Additional Info
Technical Analysis
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
I believe @cdelafuente-r7 was looking at this last week as well and had the same experience!