Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
akamaiblogBen Barnea & Ophir HarpazAKAMAIBLOG:A37E08A92B8D58375143A320413C6011
HistoryApr 13, 2022 - 9:15 a.m.

Critical Remote Code Execution Vulnerabilities in Windows RPC Runtime

2022-04-1309:15:00
Ben Barnea & Ophir Harpaz
www.akamai.com
123

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.5%

JSON

Microsoft?s April 2022 Patch Tuesday introduced patches to more than a hundred new vulnerabilities in various components. Three critical vulnerabilities were found and patched in Windows RPC (Remote Procedure Call) runtime: CVE-2022-24492 and CVE-2022-24528 (discovered by Yuki Chen with Cyber KunLun) CVE-2022-26809 (discovered by BugHunter010 with Kunlun)

Related

mscve 3
cnvd 1
cve 3
githubexploit 30
prion 3
cisa 1
checkpoint_advisories 1
threatpost 2
avleonov 1
thn 2
krebs 1
trellix 2
malwarebytes 1
qualysblog 1
nessus 11
mskb 15
kaspersky 2
securelist 1
rapid7blog 1
mscve
mscve
Remote Procedure Call Runtime Remote Code Execution Vulnerability
2022-04-12 08:00:00
Remote Procedure Call Runtime Remote Code Execution Vulnerability
2022-04-12 07:00:00
Remote Procedure Call Runtime Remote Code Execution Vulnerability
2022-04-12 08:00:00
cnvd
cnvd
Microsoft Remote Procedure Call Runtime Remote Code Execution Vulnerability
2022-04-15 00:00:00
cve
cve
CVE-2022-24528
2022-04-15 19:15:00
CVE-2022-24492
2022-04-15 19:15:00
CVE-2022-26809
2022-04-15 19:15:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2022-05-09 16:48:30
Exploit for Vulnerability in Microsoft
2022-05-20 14:26:38
Exploit for Vulnerability in Microsoft
2022-12-26 10:36:29
prion
prion
Remote code execution
2022-04-15 19:15:00
Remote code execution
2022-04-15 19:15:00
Remote code execution
2022-04-15 19:15:00
cisa
cisa
Microsoft Releases Advisory to Address Critical Remote Code Execution Vulnerability (CVE-2022-26809)
2022-04-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft RPC Remote Code Execution (CVE-2022-26809)
2022-04-19 00:00:00
threatpost
threatpost
Actively Exploited Zero-Day Bug Patched by Microsoft
2022-05-11 11:12:11
Microsoft Zero-Days, Wormable Bugs Spark Concern
2022-04-12 20:00:54
avleonov
avleonov
Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics
2022-04-23 09:22:32
thn
thn
Microsoft Releases Fix for New Zero-Day with May 2022 Patch Tuesday Updates
2022-05-11 05:29:00
Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities
2022-04-13 03:22:00
krebs
krebs
Microsoft Patch Tuesday, April 2022 Edition
2022-04-13 15:01:24
trellix
trellix
The Bug Report – April 2022 Edition
2022-05-04 00:00:00
The Bug Report – April 2022 Edition
2022-05-04 00:00:00
malwarebytes
malwarebytes
April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities
2022-04-13 13:57:39
qualysblog
qualysblog
April 2022 Patch Tuesday: Microsoft Releases 145 Vulnerabilities with 10 Critical; Adobe Releases 4 Advisories, 78 Vulnerabilities with 51 Critical.
2022-04-12 20:07:30
nessus
nessus
KB5012632: Windows Server 2008 Security Update (April 2022)
2022-04-12 00:00:00
KB5012653: Windows 10 version 1507 LTS Security Update (April 2022)
2022-04-12 00:00:00
KB5012666: Windows Server 2012 Security Update (April 2022)
2022-04-12 00:00:00
mskb
mskb
April 12, 2022β€”KB5012658 (Monthly Rollup)
2022-04-12 08:00:00
April 12, 2022β€”KB5012632 (Security-only update)
2022-04-12 08:00:00
April 12, 2022β€”KB5012649 (Security-only update)
2022-04-12 08:00:00
kaspersky
kaspersky
KLA12509 Multiple vulnerabilities in Microsoft Products (ESU)
2022-04-12 00:00:00
KLA12502 Multiple vulnerabilities in Microsoft Windows
2022-04-12 00:00:00
securelist
securelist
IT threat evolution in Q2 2022. Non-mobile statistics
2022-08-15 12:00:43
rapid7blog
rapid7blog
Patch Tuesday - April 2022
2022-04-12 18:48:11

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.5%

JSON
Related for AKAMAIBLOG:A37E08A92B8D58375143A320413C6011
mscve3cnvd1cve3githubexploit30prion3cisa1checkpoint_advisories1threatpost2avleonov1thn2krebs1trellix2malwarebytes1qualysblog1nessus11mskb15kaspersky2securelist1rapid7blog1