Lucene search

K
kasperskyKaspersky LabKLA12504
HistoryApr 12, 2022 - 12:00 a.m.

KLA12504 Remote code execution vulnerability in Microsoft Dynamics

2022-04-1200:00:00
Kaspersky Lab
threats.kaspersky.com
50
microsoft dynamics 365
remote code execution
malicious users
arbitrary code execution
vulnerability
cve-2022-23259
kb 5012731
kb 5012732

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.007

Percentile

81.2%

A remote code execution vulnerability was found in Microsoft Dynamics 365. Malicious users can exploit this vulnerability to execute arbitrary code.

Original advisories

CVE-2022-23259

Related products

Microsoft-Dynamics-365

CVE list

CVE-2022-23259 critical

KB list

5012731

5012732

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

  • Microsoft Dynamics 365 9.0Microsoft Dynamics 365 9.1

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.007

Percentile

81.2%