Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS22_JUN_5014699.NASL
HistoryJun 14, 2022 - 12:00 a.m.

KB5014699: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (June 2022)

2022-06-1400:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
492

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.966 High

EPSS

Percentile

99.6%

JSON

The remote Windows host is missing security update 5014699. It is, therefore, affected by multiple vulnerabilities:

  • An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2022-30166, CVE-2022-30165, CVE-2022-30160 CVE-2022-30154, CVE-2022-30151, CVE-2022-30150, CVE-2022-30147, CVE-2022-30132, CVE-2022-30131)

  • A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application. (CVE-2022-30164)

  • A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-30163, CVE-2022-30161, CVE-2022-30153, CVE-2022-30149, CVE-2022-30146, CVE-2022-30145, CVE-2022-30143, CVE-2022-30142, CVE-2022-30141, CVE-2022-30140, CVE-2022-30139,CVE-2022-30190)

##
# (C) Tenable, Inc.

#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
##

include('compat.inc');

if (description)
{
  script_id(162201);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/01/16");

  script_cve_id(
    "CVE-2022-21123",
    "CVE-2022-21125",
    "CVE-2022-21127",
    "CVE-2022-21166",
    "CVE-2022-30132",
    "CVE-2022-30139",
    "CVE-2022-30140",
    "CVE-2022-30141",
    "CVE-2022-30142",
    "CVE-2022-30143",
    "CVE-2022-30145",
    "CVE-2022-30146",
    "CVE-2022-30147",
    "CVE-2022-30148",
    "CVE-2022-30149",
    "CVE-2022-30150",
    "CVE-2022-30151",
    "CVE-2022-30152",
    "CVE-2022-30153",
    "CVE-2022-30155",
    "CVE-2022-30160",
    "CVE-2022-30161",
    "CVE-2022-30162",
    "CVE-2022-30163",
    "CVE-2022-30164",
    "CVE-2022-30165",
    "CVE-2022-30166",
    "CVE-2022-30189",
    "CVE-2022-30190",
    "CVE-2022-32230"
  );
  script_xref(name:"MSKB", value:"5014699");
  script_xref(name:"MSFT", value:"MS22-5014699");
  script_xref(name:"IAVA", value:"2022-A-0240-S");
  script_xref(name:"IAVA", value:"2022-A-0241-S");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/07/05");
  script_xref(name:"CEA-ID", value:"CEA-2022-0022");

  script_name(english:"KB5014699: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (June 2022)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote Windows host is missing security update 5014699. It is, therefore, affected by multiple vulnerabilities:

  - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. 
    (CVE-2022-30166, CVE-2022-30165, CVE-2022-30160 CVE-2022-30154, CVE-2022-30151, CVE-2022-30150, 
     CVE-2022-30147, CVE-2022-30132, CVE-2022-30131)

  - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature 
    and perform unauthorized actions compromising the integrity of the system/application. (CVE-2022-30164)
    
  - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute 
    unauthorized arbitrary commands. (CVE-2022-30163, CVE-2022-30161, CVE-2022-30153, CVE-2022-30149,
    CVE-2022-30146, CVE-2022-30145, CVE-2022-30143, CVE-2022-30142, CVE-2022-30141, CVE-2022-30140,
    CVE-2022-30139,CVE-2022-30190)");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/help/5014699");
  script_set_attribute(attribute:"solution", value:
"Apply Security Update 5014699");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-30190");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-30165");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Microsoft Office Word MSDTJS');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/06/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/06/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/06/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_check_rollup.nasl", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
  script_require_keys("SMB/MS_Bulletin_Checks/Possible");
  script_require_ports(139, 445, "Host/patch_management_checks");

  exit(0);
}

include('smb_func.inc');
include('smb_hotfixes.inc');
include('smb_hotfixes_fcheck.inc');
include('smb_reg_query.inc');

get_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');

bulletin = 'MS22-06';
kbs = make_list(
  '5014699'
);

if (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);

get_kb_item_or_exit('SMB/Registry/Enumerated');
get_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);

if (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);

share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);

os_name = get_kb_item("SMB/ProductName");

if (
    ( ("enterprise" >< tolower(os_name) || "education" >< tolower(os_name))
  &&
    smb_check_rollup(os:'10',
                    os_build:19042,
                    rollup_date:'06_2022',
                    bulletin:bulletin,
                    rollup_kb_list:[5014699]) )
  ||
    smb_check_rollup(os:'10',
                    os_build:19043,
                    rollup_date:'06_2022',
                    bulletin:bulletin,
                    rollup_kb_list:[5014699])
  || 
    smb_check_rollup(os:'10',
                    os_build:19044,
                    rollup_date:'06_2022',
                    bulletin:bulletin,
                    rollup_kb_list:[5014699])
)
{
  replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);
  hotfix_security_hole();
  hotfix_check_fversion_end();
  exit(0);
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, hotfix_get_audit_report());
}
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows

References

Related

mskb 15
nessus 43
openvas 17
kaspersky 2
avleonov 1
oraclelinux 11
intel 1
mageia 2
mscve 14
hp 1
malwarebytes 2
osv 9
qualysblog 1
fedora 3
rapid7blog 1
citrix 1
xen 1
rocky 3
almalinux 2
vmware 1
redhat 9
ubuntu 4
f5 1
thn 1
debian 1
ibm 1
centos 1
cvelist 8
cve 16
nvd 12
prion 13
checkpoint_advisories 1
mskb
mskb
June 14, 2022—KB5014692 (OS Build 17763.3046)
2022-06-14 07:00:00
June 14, 2022—KB5014697 (OS Build 22000.739)
2022-06-14 07:00:00
June 14, 2022— KB5014677 (OS Build 20348.770)
2022-06-14 07:00:00
nessus
nessus
KB5014702: Windows 10 Version 1607 and Windows Server 2016 Security Update (June 2022)
2022-06-14 00:00:00
KB5014692: Windows 10 version 1809 / Windows Server 2019 Security Update (June 2022)
2022-06-14 00:00:00
KB5014742: Windows 7 and Windows Server 2008 R2 Security Update (June 2022)
2022-06-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5014710)
2022-06-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5014748)
2022-06-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5014702)
2022-06-15 00:00:00
kaspersky
kaspersky
KLA12569 Multiple vulnerabilities in Microsoft Windows
2022-06-14 00:00:00
KLA12568 Multiple vulnerabilities in Microsoft Products (ESU)
2022-06-14 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday June 2022: Follina RCE, NFSV4.1 RCE, LDAP RCEs and bad patches
2022-06-25 12:32:07
oraclelinux
oraclelinux
microcode_ctl security update
2022-06-14 00:00:00
microcode_ctl security update
2022-06-15 00:00:00
microcode_ctl security update
2022-06-23 00:00:00
intel
intel
Intel® Processors MMIO Stale Data Advisory
2022-10-19 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2022-06-29 19:18:17
Updated kernel packages fix security vulnerabilities
2022-06-29 19:18:17
mscve
mscve
Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities
2022-06-14 07:00:00
Windows iSCSI Discovery Service Remote Code Execution Vulnerability
2022-06-14 07:00:00
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability
2022-06-14 07:00:00
hp
hp
Intel® Processors June 2022 Security Update
2022-06-14 00:00:00
malwarebytes
malwarebytes
Intel CPU vulnerabilities fixed. But should you update?
2023-03-06 07:00:00
Update now!  Microsoft patches Follina, and many other security updates
2022-06-15 13:17:05
osv
osv
intel-microcode - security update
2022-07-06 00:00:00
Moderate: kernel-rt security and bug fix update
2022-09-13 00:00:00
linux, linux-aws, linux-aws-hwe, linux-aws-5.13, linux-aws-5.4, linux-azure, linux-azure-4.15, linux-azure-5.13, linux-azure-5.4, linux-azure-fde, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gcp-5.13, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.13, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-intel-5.13, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-oracle, linux-oracle-5.13, linux-oracle-5.4 vulnerabilities
2022-06-17 02:00:03
qualysblog
qualysblog
June 2022 Patch Tuesday | Microsoft Releases 55 Vulnerabilities with 3 Critical; Adobe Releases 6 Advisories, 46 Vulnerabilities with 40 Critical.
2022-06-14 20:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: xen-4.16.1-4.fc36
2022-07-01 01:09:33
[SECURITY] Fedora 36 Update: kernel-5.18.5-200.fc36
2022-06-17 01:16:22
[SECURITY] Fedora 35 Update: kernel-5.18.5-100.fc35
2022-06-18 01:45:12
rapid7blog
rapid7blog
Patch Tuesday - June 2022
2022-06-14 19:37:50
citrix
citrix
Citrix Hypervisor Security Update
2022-06-23 20:06:39
xen
xen
x86: MMIO Stale Data vulnerabilities
2022-06-14 18:21:00
rocky
rocky
kernel-rt security and bug fix update
2022-09-13 07:36:33
kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
microcode_ctl bug fix and enhancement update
2022-11-02 13:51:49
almalinux
almalinux
Moderate: kernel-rt security and bug fix update
2022-09-13 00:00:00
Moderate: kernel security, bug fix, and enhancement update
2022-09-13 00:00:00
vmware
vmware
VMware ESXi addresses DirectPath I/O (PCI-Passthrough) Information Leak vulnerabilities (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166)
2022-06-14 00:00:00
redhat
redhat
(RHSA-2022:6460) Moderate: kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
(RHSA-2022:6437) Moderate: kernel-rt security and bug fix update
2022-09-13 07:36:33
(RHSA-2022:7280) Important: kernel-rt security and bug fix update
2022-11-01 14:04:44
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2022-07-01 00:00:00
Linux kernel vulnerabilities
2022-06-17 00:00:00
Linux kernel vulnerabilities
2022-06-16 00:00:00
f5
f5
K04808933 : Intel Processors MMIO Stale Data Advisory vulnerabilities CVE-2022-21123, CVE-2022-21125, and CVE-2022-21127
2022-07-18 00:00:00
thn
thn
Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability
2022-06-15 03:42:00
debian
debian
[SECURITY] [DSA 5178-1] intel-microcode security update
2022-07-06 13:12:52
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Intel Processors affect IBM Cloud Pak System
2023-03-31 15:06:36
centos
centos
bpftool, kernel, perf, python security update
2022-08-15 17:35:43
cvelist
cvelist
CVE-2022-32230 SMBv3 FileNormalizedNameInformation NULL Pointer Dereference
2022-06-14 00:00:00
CVE-2022-30148 Windows Desired State Configuration (DSC) Information Disclosure Vulnerability
2022-06-15 21:51:37
CVE-2022-30165 Windows Kerberos Elevation of Privilege Vulnerability
2022-06-15 21:52:01
cve
cve
CVE-2022-30189
2022-06-15 22:15:15
CVE-2022-30131
2022-06-15 22:15:13
CVE-2022-30161
2022-06-15 22:15:14
nvd
nvd
CVE-2022-32230
2022-06-14 22:15:10
CVE-2022-30131
2022-06-15 22:15:13
CVE-2022-30142
2022-06-15 22:15:13
prion
prion
Privilege escalation
2022-06-15 22:15:00
Privilege escalation
2022-06-15 22:15:00
Remote code execution
2022-06-15 22:15:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Installer Elevation of Privilege (CVE-2022-30147)
2022-06-14 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.966 High

EPSS

Percentile

99.6%

JSON
Related for SMB_NT_MS22_JUN_5014699.NASL
mskb15nessus43openvas17kaspersky2avleonov1oraclelinux11intel1mageia2mscve14hp1malwarebytes2osv9qualysblog1fedora3rapid7blog1citrix1xen1rocky3almalinux2vmware1redhat9ubuntu4f51thn1debian1ibm1centos1cvelist8cve16nvd12prion13checkpoint_advisories1