Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

None

Privileges Required

Low

Attack Vector

Local

CVE-2022-37969

Disclosure Date: September 13, 2022 •

CVE-2022-37969 CVSS v3 Base Score: 7.8

Exploited in the Wild

Reported by mkienow-r7 and 2 more...
View Source Details

Description

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.8 High

Impact Score:

5.9

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

General Information

Offensive Application

Unknown

Utility Class

Unknown

Ports

Unknown

Vulnerable Versions

Windows 10 Version 1809 10.0.17763.3406

Windows Server 2019 10.0.17763.3406

Windows Server 2019 (Server Core installation) 10.0.17763.3406

Windows 10 Version 21H1 10.0.19043.2006

Windows Server 2022 10.0.20348.1006

Windows 10 Version 20H2 10.0.19042.2006

Windows 11 version 21H2 10.0.22000.978

Windows 10 Version 21H2 10.0.19044.2006

Windows 10 Version 1507 10.0.10240.19444

Windows 10 Version 1607 10.0.14393.5356

Windows Server 2016 10.0.14393.5356

Windows Server 2016 (Server Core installation) 10.0.14393.5356

Windows 7 6.1.7601.26115

Windows 7 Service Pack 1 6.1.7601.26115

Windows 8.1 6.3.9600.20571

Windows Server 2008 Service Pack 2 6.0.6003.21666

Windows Server 2008 Service Pack 2 (Server Core installation) 6.0.6003.21666

Windows Server 2008 Service Pack 2 6.0.6003.21666

Windows Server 2008 R2 Service Pack 1 6.1.7601.26115

Windows Server 2008 R2 Service Pack 1 (Server Core installation) 6.1.7601.26115

Windows Server 2012 6.2.9200.23865

Windows Server 2012 (Server Core installation) 6.2.9200.23865

Windows Server 2012 R2 6.3.9600.20571

Windows Server 2012 R2 (Server Core installation) 6.3.9600.20571

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

microsoft

Products

windows 10 1507,
windows 10 1607,
windows 10 1809,
windows 10 20h2,
windows 10 21h1,
windows 10 21h2,
windows 11 21h2,
windows 7 -,
windows 8.1 -,
windows rt 8.1 -,
windows server 2008 -,
windows server 2008 r2,
windows server 2012 -,
windows server 2012 r2,
windows server 2016,
windows server 2019,
windows server 2022

Exploited in the Wild

Reported by:

mkienow-r7 indicated source as Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)

Reported: September 14, 2022 10:16pm UTC (2 years ago)

gwillcox-r7 indicated source as News Article or Blog (https://cn-sec.com/archives/1417413.html)

Reported: May 25, 2023 3:28pm UTC (1 year ago)

AttackerKB Worker indicated source as Government or Industry Alert (https://www.cisa.gov/news-events/alerts/2022/09/14/cisa-adds-two-known-exploited-vulnerabilities-catalog)

Reported: November 08, 2024 8:21am UTC (1 week ago)

References

Canonical

CVE-2022-37969 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37969)

Exploit

PoCs that have not been added by contributors directly have been sourced from: nomi-sec/PoC-in-GitHub.
A PoC added here by the AKB Worker must have at least 2 GitHub stars.

CVE-2022-37969 (https://github.com/fortra/CVE-2022-37969) (Added by AKB Worker)

Miscellaneous

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37969

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0039/MNDT-2022-0039.md

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969

Rapid7

Unknown

CVE-2022-37969

Unknown

Unknown

None

Low

Local

CVE-2022-37969

Description