Kaspersky LabKLA12548KLA12548 Multiple vulnerabilities in Microsoft Browser
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
8.7 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.0%
Detect date:
05/31/2022
Severity:
Warning
Description:
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, spoof user interface.
Affected products:
Microsoft Edge (Chromium-based)
Solution:
Install necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option)
Microsoft Edge update settings
Original advisories:
CVE-2022-1868
CVE-2022-30127
CVE-2022-1856
CVE-2022-1857
CVE-2022-1863
CVE-2022-1853
CVE-2022-1872
CVE-2022-1865
CVE-2022-1874
CVE-2022-1871
CVE-2022-26905
CVE-2022-1855
CVE-2022-1869
CVE-2022-1859
CVE-2022-1870
CVE-2022-1854
CVE-2022-1873
CVE-2022-1875
CVE-2022-1858
CVE-2022-1864
CVE-2022-1867
CVE-2022-30128
CVE-2022-1876
CVE-2022-1862
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2022-18626.5High
CVE-2022-18658.8Critical
CVE-2022-18676.5High
CVE-2022-18714.3Warning
CVE-2022-18578.8Critical
CVE-2022-18724.3Warning
CVE-2022-18736.5High
CVE-2022-18686.5High
CVE-2022-18586.5High
CVE-2022-18598.8Critical
CVE-2022-18638.8Critical
CVE-2022-18748.8Critical
CVE-2022-18558.8Critical
CVE-2022-18768.8Critical
CVE-2022-18696.5High
CVE-2022-18708.8Critical
CVE-2022-18539.6Critical
CVE-2022-18548.8Critical
CVE-2022-18568.8Critical
CVE-2022-18754.3Warning
CVE-2022-18648.8Critical
CVE-2022-301278.3Critical
CVE-2022-269054.3Warning
CVE-2022-301288.3Critical
Microsoft official advisories:
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1853
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1854
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1856
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1857
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1858
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1859
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1863
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1865
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1867
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1868
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1869
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1870
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1871
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1872
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1873
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1874
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1875
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1876
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26905
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30128
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1853
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1854
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1855
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1856
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1857
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1858
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1859
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1862
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1863
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1864
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1865
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1867
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1868
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1869
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1870
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1871
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1872
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1873
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1874
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1875
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1876
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26905
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30127
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30128
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
support.microsoft.com/en-us/topic/microsoft-edge-update-settings-af8aaca2-1b69-4870-94fe-18822dbb7ef1
threats.kaspersky.com/en/product/Microsoft-Edge/
Related
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
8.7 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.0%