Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA19249
HistorySep 13, 2022 - 12:00 a.m.

KLA19249 Multiple vulnerabilities in Microsoft Products (ESU)

2022-09-1300:00:00
Kaspersky Lab
threats.kaspersky.com
24

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.28 Low

EPSS

Percentile

96.8%

JSON

Detect date:

09/13/2022

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information.

Exploitation:

Public exploits exist for this vulnerability.

Affected products:

Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2022-35840
CVE-2022-38004
CVE-2022-34727
CVE-2022-37969
CVE-2022-30170
CVE-2022-34724
CVE-2022-33647
CVE-2022-34732
CVE-2022-35830
CVE-2022-34726
CVE-2022-34718
CVE-2022-34721
CVE-2022-37955
CVE-2022-34731
CVE-2022-35803
CVE-2022-30200
CVE-2022-34730
CVE-2022-34729
CVE-2022-38006
CVE-2022-38005
CVE-2022-37964
CVE-2022-37956
CVE-2022-34733
CVE-2022-35836
CVE-2022-35833
CVE-2022-35832
CVE-2022-37958
CVE-2022-35835
CVE-2022-33679
CVE-2022-34734
CVE-2022-34728
CVE-2022-34720
CVE-2022-34719
CVE-2022-34722
CVE-2022-35837
CVE-2022-35834

Impacts:

ACE

Related products:

Microsoft Windows

CVE-IDS:

CVE-2022-358408.8Critical
CVE-2022-380047.8Critical
CVE-2022-347278.8Critical
CVE-2022-379697.8Critical
CVE-2022-301707.3High
CVE-2022-347247.5Critical
CVE-2022-336478.1Critical
CVE-2022-347328.8Critical
CVE-2022-358308.1Critical
CVE-2022-347268.8Critical
CVE-2022-347189.8Critical
CVE-2022-347219.8Critical
CVE-2022-379557.8Critical
CVE-2022-347318.8Critical
CVE-2022-358037.8Critical
CVE-2022-302007.8Critical
CVE-2022-347308.8Critical
CVE-2022-347297.8Critical
CVE-2022-380066.5High
CVE-2022-380057.8Critical
CVE-2022-379567.8Critical
CVE-2022-347338.8Critical
CVE-2022-358368.8Critical
CVE-2022-358337.5Critical
CVE-2022-358325.5High
CVE-2022-379588.1Critical
CVE-2022-358358.8Critical
CVE-2022-336798.1Critical
CVE-2022-347348.8Critical
CVE-2022-347285.5High
CVE-2022-347207.5Critical
CVE-2022-347197.8Critical
CVE-2022-347229.8Critical
CVE-2022-358376.5High
CVE-2022-358348.8Critical
CVE-2022-379647.8Critical

KB list:

5017361
5017373
5017371
5017358

Microsoft official advisories:

References

Related

nessus 10
mskb 15
openvas 7
kaspersky 1
avleonov 3
talosblog 3
rapid7blog 2
thn 7
zdt 1
googleprojectzero 2
malwarebytes 2
krebs 2
trellix 4
cve 36
githubexploit 6
mscve 36
prion 36
checkpoint_advisories 3
attackerkb 3
qualysblog 2
cnvd 4
zdi 1
hivepro 3
securelist 5
schneier 1
veracode 1
osv 1
github 1
cisa_kev 1
nessus
nessus
KB5017373: Windows Server 2008 R2 Security Update (September 2022)
2022-09-13 00:00:00
KB5017377: Windows Server 2012 Security Update (September 2022)
2022-09-13 00:00:00
KB5017371: Windows Server 2008 Security Update (September 2022)
2022-09-13 00:00:00
mskb
mskb
September 13, 2022—KB5017373 (Security-only update)
2022-09-13 07:00:00
September 13, 2022—KB5017371 (Security-only update)
2022-09-13 07:00:00
September 13, 2022—KB5017361 (Monthly Rollup)
2022-09-13 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5017361)
2022-09-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5017367)
2022-09-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5017305)
2022-09-14 00:00:00
kaspersky
kaspersky
KLA19245 Multiple vulnerabilities in Microsoft Windows
2022-09-13 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday September 2022: CLFS Driver EoP, IP packet causes RCE, Windows DNS Server DoS, Spectre-BHB
2022-09-23 22:44:11
Vulristics News: EPSS v3 Support, Integration into Cloud Advisor
2023-04-23 23:11:58
Microsoft Patch Tuesday December 2022: SPNEGO RCE, Mark of the Web Bypass, Edge Memory Corruptions
2022-12-24 22:55:39
talosblog
talosblog
Microsoft Patch Tuesday for September 2022 — Snort rules and prominent vulnerabilities
2022-09-13 18:01:00
Threat Source newsletter (April 13, 2023) — Dark web forum whac-a-mole
2023-04-13 18:00:40
Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities
2023-04-11 19:28:27
rapid7blog
rapid7blog
Patch Tuesday - September 2022
2022-09-13 20:11:08
Patch Tuesday - April 2023
2023-04-11 22:49:56
thn
thn
Microsoft's Latest Security Update Fixes 64 New Flaws, Including a Zero-Day
2022-09-14 04:42:00
APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network
2022-11-09 13:47:00
Researchers Reveal Detail for Windows Zero-Day Vulnerability Patched Last Month
2022-10-14 17:34:00
zdt
zdt
Windows Kerberos RC4 MD4 Encryption Downgrade Privilege Escalation Vulnerability
2022-10-04 00:00:00
googleprojectzero
googleprojectzero
RC4 Is Still Considered Harmful
2022-10-27 00:00:00
The Windows Registry Adventure #1: Introduction and research results
2024-04-18 00:00:00
malwarebytes
malwarebytes
Update now! Microsoft patches two zero-days
2022-09-14 12:00:00
4 over-hyped security vulnerabilities of 2022
2022-12-19 01:00:00
krebs
krebs
Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday
2022-09-14 00:23:45
Microsoft (& Apple) Patch Tuesday, April 2023 Edition
2023-04-12 00:06:51
trellix
trellix
The Bug Report — September 2022 Edition
2022-10-05 00:00:00
The Bug Report — September 2022 Edition
2022-10-05 00:00:00
The Bug Report – April 2023 Edition
2023-05-03 00:00:00
cve
cve
CVE-2022-35832
2022-09-13 19:15:00
CVE-2022-35837
2022-09-13 19:15:00
CVE-2022-34733
2022-09-13 19:15:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2022-11-02 18:38:01
Exploit for Vulnerability in Microsoft
2022-11-16 10:56:02
Exploit for Vulnerability in Microsoft
2022-11-29 18:34:08
mscve
mscve
Microsoft ODBC Driver Remote Code Execution Vulnerability
2022-09-13 07:00:00
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
2022-09-13 07:00:00
Windows Distributed File System (DFS) Elevation of Privilege Vulnerability
2022-09-13 07:00:00
prion
prion
Remote code execution
2022-09-13 19:15:00
Privilege escalation
2022-09-13 19:15:00
Denial of service
2022-09-13 19:15:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows GDI Elevation of Privilege (CVE-2022-34729)
2022-09-13 00:00:00
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2022-35803)
2022-09-13 00:00:00
Microsoft Windows Internet Key Exchange Remote Code Execution (CVE-2022-34721)
2022-09-21 00:00:00
attackerkb
attackerkb
CVE-2022-30170
2022-09-13 00:00:00
CVE-2022-34721
2022-09-13 00:00:00
CVE-2022-37969
2022-09-13 00:00:00
qualysblog
qualysblog
September 2022 Patch Tuesday | Microsoft Releases 63 Vulnerabilities with 5 Critical, plus 16 Microsoft Edge (Chromium-Based); Adobe Releases 7 Advisories, 63 Vulnerabilities with 35 Critical.
2022-09-13 20:00:00
Qualys Threat Research Unit: Threat Thursdays, December 2022
2022-12-29 19:05:19
cnvd
cnvd
Microsoft Windows has an unspecified vulnerability (CNVD-2022-63614)
2022-09-15 00:00:00
Microsoft Windows TCP/IP Remote Code Execution Vulnerability (CNVD-2022-63613)
2022-09-15 00:00:00
Microsoft Windows Internet has an unspecified vulnerability
2022-09-15 00:00:00
zdi
zdi
Microsoft Windows Group Policy Preference Link Following Local Privilege Escalation Vulnerability
2022-09-19 00:00:00
hivepro
hivepro
Adversaries strike critical Windows IKE flaw in the “Bleed You” campaign
2022-11-30 11:46:31
Microsoft Rolled Out SPNEGO NEGOEX Critical Vulnerability
2022-12-26 10:37:19
Microsoft busts an actively exploited zero-day and several critical flaws
2022-09-16 09:03:27
securelist
securelist
Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)
2023-12-21 10:00:53
Nokoyawa ransomware attacks with Windows zero-day
2023-04-11 17:36:20
Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)
2023-12-21 10:00:56
schneier
schneier
Critical Microsoft Code-Execution Vulnerability
2022-12-22 12:01:37
veracode
veracode
Privilege Escalation
2022-12-08 14:17:02
osv
osv
DSInternals Credential Roaming Elevation of Privilege Vulnerability
2022-12-06 21:13:49
github
github
DSInternals Credential Roaming Elevation of Privilege Vulnerability
2022-12-06 21:13:49
cisa_kev
cisa_kev
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
2022-09-14 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.28 Low

EPSS

Percentile

96.8%

JSON
Related for KLA19249
nessus10mskb15openvas7kaspersky1avleonov3talosblog3rapid7blog2thn7zdt1googleprojectzero2malwarebytes2krebs2trellix4cve36githubexploit6mscve36prion36checkpoint_advisories3attackerkb3qualysblog2cnvd4zdi1hivepro3securelist5schneier1veracode1osv1github1cisa_kev1