8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.6%
12/13/2022
Critical
Code execution vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to execute arbitrary code.
Microsoft Dynamics NAV 2016
Microsoft Dynamics NAV 2018
Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise)
Microsoft Dynamics 365 Business Central 2021 Release Wave 1
Microsoft Dynamics 365 Business Central 2022 Release Wave 2
Microsoft Dynamics NAV 2017
Microsoft Dynamics 365 Business Central 2021 Release Wave 2
Microsoft Dynamics 365 Business Central 2020 Release Wave 2
Microsoft Dynamics 365 Business Central 2020 Release Wave 1
Microsoft Dynamics 365 Business Central 2022 Release Wave 1
Dynamics 365 Business Central Spring 2019 Update
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
ACE
5010202
5019239
5021671
5010910
5021670
5013420
5021672
5021668
5005293
5021669
5001733
support.microsoft.com/kb/5001733
support.microsoft.com/kb/5005293
support.microsoft.com/kb/5010202
support.microsoft.com/kb/5010910
support.microsoft.com/kb/5013420
support.microsoft.com/kb/5019239
support.microsoft.com/kb/5021668
support.microsoft.com/kb/5021669
support.microsoft.com/kb/5021670
support.microsoft.com/kb/5021671
support.microsoft.com/kb/5021672
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41127
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Dynamics-365/
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.6%