EUVD-2022-27073

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

HEVC Video Extensions remote code execution vulnerability identified in EUVD-2022-27073

Reporter	Title	Published	Views	Family All 18
ATTACKERKB	CVE-2022-21917	11 Jan 202221:15	–	attackerkb
BDU FSTEC	The vulnerability of the HEVC Video Extension codec, related to improper code generation, allows a perpetrator to execute arbitrary code.	4 Apr 202200:00	–	bdu_fstec
CNNVD	Microsoft HEVC Video Extensions 缓冲区错误漏洞	11 Jan 202200:00	–	cnnvd
CNVD	Microsoft HEVC Video Extensions Remote Code Execution Vulnerability (CNVD-2022-59686)	12 Jan 202200:00	–	cnvd
CVE	CVE-2022-21917	11 Jan 202220:23	–	cve
Cvelist	CVE-2022-21917 HEVC Video Extensions Remote Code Execution Vulnerability	11 Jan 202220:23	–	cvelist
Hive Pro Threat Advisories	Microsoft Patch Tuesday fixes critical zero-days along with 97 other flaws	12 Jan 202207:30	–	hivepro
Kaspersky	KLA12422 Multiple vulnerabilities in Microsoft Windows	11 Jan 202200:00	–	kaspersky
Microsoft CVE	HEVC Video Extensions Remote Code Execution Vulnerability	11 Jan 202208:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Windows	11 Jan 202200:00	–	ncsc

[
  {
    "enisaIdVendor": [
      {
        "id": "fa6ef00b-553d-3ac8-9d14-96887055de1d",
        "vendor": {
          "name": "Microsoft"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "d43a4869-8f4d-36fd-941e-4935b2ea5a89",
        "product": {
          "name": "HEVC Video Extensions"
        },
        "product_version": "1.0.0 <1.0.43421.0 & 1.0.43422.0"
      }
    ]
  }
]

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21917
github	www.github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0008/MNDT-2022-0008.md
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21917

03 Oct 2025 20:07Current

8.2High risk

Vulners AI Score8.2

CVSS 3.17.8

CVSS 29.3

EPSS0.03702