Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

2022-08-09T07:00:00

Description

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35767, CVE-2022-35794.

{"id": "MS:CVE-2022-35766", "vendorId": null, "type": "mscve", "bulletinFamily": "microsoft", "title": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35767, CVE-2022-35794.", "published": "2022-08-09T07:00:00", "modified": "2022-08-09T07:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.2, "impactScore": 5.9}, "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35766", "reporter": "Microsoft", "references": [], "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "immutableFields": [], "lastseen": "2023-03-17T02:32:07", "viewCount": 158, "enchantments": {"dependencies": {"references": [{"type": "avleonov", "idList": ["AVLEONOV:37BE727F2D0C216B8B10BD6CBE6BD061"]}, {"type": "cve", "idList": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"]}, {"type": "kaspersky", "idList": ["KLA12602", "KLA12603"]}, {"type": "mscve", "idList": ["MS:CVE-2022-34702", "MS:CVE-2022-34714", "MS:CVE-2022-35745", "MS:CVE-2022-35752", "MS:CVE-2022-35753", "MS:CVE-2022-35767", "MS:CVE-2022-35794"]}, {"type": "nessus", "idList": ["SMB_NT_MS22_AUG_5016616.NASL", "SMB_NT_MS22_AUG_5016622.NASL", "SMB_NT_MS22_AUG_5016623.NASL", "SMB_NT_MS22_AUG_5016627.NASL", "SMB_NT_MS22_AUG_5016629.NASL", "SMB_NT_MS22_AUG_5016639.NASL", "SMB_NT_MS22_AUG_5016679.NASL", "SMB_NT_MS22_AUG_5016683.NASL", "SMB_NT_MS22_AUG_5016684.NASL", "SMB_NT_MS22_AUG_5016686.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:AC756D2C7DB65BB8BC9FBD558B7F3AD3"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:882168BD332366CE296FB09DC00E018E"]}]}, "score": {"value": 3.1, "vector": "NONE"}, "epss": [{"cve": "CVE-2022-34702", "epss": "0.006690000", "percentile": "0.766390000", "modified": "2023-03-19"}, {"cve": "CVE-2022-34714", "epss": "0.042060000", "percentile": "0.908960000", "modified": "2023-03-19"}, {"cve": "CVE-2022-35766", "epss": "0.004170000", "percentile": "0.701000000", "modified": "2023-03-19"}, {"cve": "CVE-2022-35767", "epss": "0.042060000", "percentile": "0.908960000", "modified": "2023-03-19"}, {"cve": "CVE-2022-35794", "epss": "0.042060000", "percentile": "0.908960000", "modified": "2023-03-19"}], "vulnersScore": 3.1}, "_state": {"score": 1679020683, "dependencies": 1679020559, "epss": 1679302437}, "_internal": {"score_hash": "c513058df7716b4bbbb9962e95a7b5bb"}, "kbList": ["KB5016629", "KB5016616", "KB5016627", "KB5015814", "KB5015807", "KB5015811", "KB5015827", "KB5016623"], "msrc": "", "mscve": "CVE-2022-35766", "msAffectedSoftware": [{"name": "windows 10 version 21h2 for arm64-based systems", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19044.1889", "operator": "lt"}, {"name": "windows 10 version 21h2 for 32-bit systems", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19044.1889", "operator": "lt"}, {"name": "windows 11 version 21h2 for arm64-based systems", "kbSupersedence": "KB5015814", "kb": "KB5016629", "msplatform": "", "version": "10.0.22000.856", "operator": "lt"}, {"name": "windows 11 version 21h2 for x64-based systems", "kbSupersedence": "KB5015814", "kb": "KB5016629", "msplatform": "", "version": "10.0.22000.856", "operator": "lt"}, {"name": "windows server, version 20h2 (server core installation)", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19042.1889", "operator": "lt"}, {"name": "windows 10 version 20h2 for arm64-based systems", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19042.1889", "operator": "lt"}, {"name": "windows 10 version 20h2 for 32-bit systems", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19042.1889", "operator": "lt"}, {"name": "windows 10 version 20h2 for x64-based systems", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19042.1889", "operator": "lt"}, {"name": "windows server 2022 (server core installation)", "kbSupersedence": "KB5015827", "kb": "KB5016627", "msplatform": "", "version": "10.0.20348.887", "operator": "lt"}, {"name": "windows server 2022", "kbSupersedence": "KB5015827", "kb": "KB5016627", "msplatform": "", "version": "10.0.20348.887", "operator": "lt"}, {"name": "windows 10 version 21h1 for 32-bit systems", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19043.1889", "operator": "lt"}, {"name": "windows 10 version 21h1 for arm64-based systems", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19043.1889", "operator": "lt"}, {"name": "windows 10 version 21h1 for x64-based systems", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19043.1889", "operator": "lt"}, {"name": "windows server 2019 (server core installation)", "kbSupersedence": "KB5015811", "kb": "KB5016623", "msplatform": "", "version": "10.0.17763.3287", "operator": "lt"}, {"name": "windows server 2019", "kbSupersedence": "KB5015811", "kb": "KB5016623", "msplatform": "", "version": "10.0.17763.3287", "operator": "lt"}, {"name": "windows 10 version 1809 for arm64-based systems", "kbSupersedence": "KB5015811", "kb": "KB5016623", "msplatform": "", "version": "10.0.17763.3287", "operator": "lt"}, {"name": "windows 10 version 1809 for x64-based systems", "kbSupersedence": "KB5015811", "kb": "KB5016623", "msplatform": "", "version": "10.0.17763.3287", "operator": "lt"}, {"name": "windows 10 version 1809 for 32-bit systems", "kbSupersedence": "KB5015811", "kb": "KB5016623", "msplatform": "", "version": "10.0.17763.3287", "operator": "lt"}, {"name": "windows 10 version 21h2 for x64-based systems", "kbSupersedence": "KB5015807", "kb": "KB5016616", "msplatform": "", "version": "10.0.19044.1889", "operator": "lt"}], "vendorCvss": {"baseScore": "8.1", "temporalScore": "7.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}

{"mscve": [{"lastseen": "2023-03-17T02:32:07", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35794.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T07:00:00", "type": "mscve", "title": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "modified": "2022-08-09T07:00:00", "id": "MS:CVE-2022-35767", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35767", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:32:08", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T07:00:00", "type": "mscve", "title": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "modified": "2022-08-09T07:00:00", "id": "MS:CVE-2022-34702", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34702", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:32:12", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T07:00:00", "type": "mscve", "title": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "modified": "2022-08-09T07:00:00", "id": "MS:CVE-2022-34714", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34714", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:32:07", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T07:00:00", "type": "mscve", "title": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "modified": "2022-08-09T07:00:00", "id": "MS:CVE-2022-35794", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35794", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:32:11", "description": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "cvss3": {}, "published": "2022-08-09T07:00:00", "type": "mscve", "title": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35753"], "modified": "2022-08-09T07:00:00", "id": "MS:CVE-2022-35753", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35753", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:32:12", "description": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "cvss3": {}, "published": "2022-08-09T07:00:00", "type": "mscve", "title": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35745"], "modified": "2022-08-09T07:00:00", "id": "MS:CVE-2022-35745", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35745", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:32:11", "description": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "cvss3": {}, "published": "2022-08-09T07:00:00", "type": "mscve", "title": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35752"], "modified": "2022-08-09T07:00:00", "id": "MS:CVE-2022-35752", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35752", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2023-02-09T14:33:48", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35794.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T20:15:00", "type": "cve", "title": "CVE-2022-35767", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "modified": "2022-08-12T16:29:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-35767", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35767", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-02-09T14:31:53", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T20:15:00", "type": "cve", "title": "CVE-2022-34702", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "modified": "2022-08-12T20:07:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-34702", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34702", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:33:49", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35767, CVE-2022-35794.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T20:15:00", "type": "cve", "title": "CVE-2022-35766", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "modified": "2022-08-12T17:07:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-35766", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35766", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2023-02-09T14:31:55", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T20:15:00", "type": "cve", "title": "CVE-2022-34714", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "modified": "2022-08-12T17:23:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-34714", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34714", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-02-09T14:33:52", "description": "Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T20:15:00", "type": "cve", "title": "CVE-2022-35794", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34702", "CVE-2022-34714", "CVE-2022-35745", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35794"], "modified": "2022-08-15T16:22:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-35794", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35794", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}], "nessus": [{"lastseen": "2023-02-09T22:38:40", "description": "The remote Windows host is missing security update 5016686. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows WebBrowser Control Remote Code Execution Vulnerability (CVE-2022-30194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016686: Windows Server 2008 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30194", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34714", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35747", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35793"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016686.NASL", "href": "https://www.tenable.com/plugins/nessus/163942", "sourceData": "##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163942);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30194\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34714\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35747\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35793\"\n );\n script_xref(name:\"MSKB\", value:\"5016669\");\n script_xref(name:\"MSKB\", value:\"5016686\");\n script_xref(name:\"MSFT\", value:\"MS22-5016669\");\n script_xref(name:\"MSFT\", value:\"MS22-5016686\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016686: Windows Server 2008 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016686. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows WebBrowser Control Remote Code Execution Vulnerability (CVE-2022-30194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016669\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016669\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016686\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016686 or Cumulative Update 5016669\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-30133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016686',\n '5016669'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.0',\n sp:2,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016686, 5016669])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-19T00:44:27", "description": "The remote Windows host is missing security update 5016679. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows WebBrowser Control Remote Code Execution Vulnerability (CVE-2022-30194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016679: Windows 7 and Windows Server 2008 R2 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30194", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35747", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35756", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35793", "CVE-2022-35795", "CVE-2022-35820"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016679.NASL", "href": "https://www.tenable.com/plugins/nessus/163952", "sourceData": "##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163952);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30194\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34713\",\n \"CVE-2022-34714\",\n \"CVE-2022-35743\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35747\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35756\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35760\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35793\",\n \"CVE-2022-35795\",\n \"CVE-2022-35820\"\n );\n script_xref(name:\"MSKB\", value:\"5016676\");\n script_xref(name:\"MSKB\", value:\"5016679\");\n script_xref(name:\"MSFT\", value:\"MS22-5016676\");\n script_xref(name:\"MSFT\", value:\"MS22-5016679\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/30\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016679: Windows 7 and Windows Server 2008 R2 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016679. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows WebBrowser Control Remote Code Execution Vulnerability (CVE-2022-30194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016676\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016676\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016679\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016679 or Cumulative Update 5016676\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-30133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016679',\n '5016676'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.1',\n sp:1,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016679, 5016676])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-19T04:35:49", "description": "The remote Windows host is missing security update 5016684. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows WebBrowser Control Remote Code Execution Vulnerability (CVE-2022-30194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016684: Windows Server 2012 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30194", "CVE-2022-33670", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35748", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35754", "CVE-2022-35756", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35793", "CVE-2022-35795", "CVE-2022-35820"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016684.NASL", "href": "https://www.tenable.com/plugins/nessus/163948", "sourceData": "##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163948);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30194\",\n \"CVE-2022-33670\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34713\",\n \"CVE-2022-34714\",\n \"CVE-2022-35743\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35746\",\n \"CVE-2022-35747\",\n \"CVE-2022-35748\",\n \"CVE-2022-35749\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35754\",\n \"CVE-2022-35756\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35760\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35793\",\n \"CVE-2022-35795\",\n \"CVE-2022-35820\"\n );\n script_xref(name:\"MSKB\", value:\"5016672\");\n script_xref(name:\"MSKB\", value:\"5016684\");\n script_xref(name:\"MSFT\", value:\"MS22-5016672\");\n script_xref(name:\"MSFT\", value:\"MS22-5016684\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/30\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016684: Windows Server 2012 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016684. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows WebBrowser Control Remote Code Execution Vulnerability (CVE-2022-30194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016684\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016684 or Cumulative Update 5016672\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-30133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016684',\n '5016672'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.2',\n sp:0,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016684, 5016672])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-19T16:11:36", "description": "The remote Windows host is missing security update 5016629. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016629: Windows 11 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30144", "CVE-2022-30194", "CVE-2022-30197", "CVE-2022-33670", "CVE-2022-34301", "CVE-2022-34302", "CVE-2022-34303", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34696", "CVE-2022-34699", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34703", "CVE-2022-34704", "CVE-2022-34705", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34709", "CVE-2022-34710", "CVE-2022-34712", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35754", "CVE-2022-35755", "CVE-2022-35756", "CVE-2022-35757", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35761", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35771", "CVE-2022-35793", "CVE-2022-35794", "CVE-2022-35795", "CVE-2022-35797", "CVE-2022-35804", "CVE-2022-35820"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016629.NASL", "href": "https://www.tenable.com/plugins/nessus/163945", "sourceData": "##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163945);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30144\",\n \"CVE-2022-30194\",\n \"CVE-2022-30197\",\n \"CVE-2022-33670\",\n \"CVE-2022-34301\",\n \"CVE-2022-34302\",\n \"CVE-2022-34303\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34696\",\n \"CVE-2022-34699\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34703\",\n \"CVE-2022-34704\",\n \"CVE-2022-34705\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34709\",\n \"CVE-2022-34710\",\n \"CVE-2022-34712\",\n \"CVE-2022-34713\",\n \"CVE-2022-34714\",\n \"CVE-2022-35743\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35746\",\n \"CVE-2022-35747\",\n \"CVE-2022-35749\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35754\",\n \"CVE-2022-35755\",\n \"CVE-2022-35756\",\n \"CVE-2022-35757\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35760\",\n \"CVE-2022-35761\",\n \"CVE-2022-35766\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35771\",\n \"CVE-2022-35793\",\n \"CVE-2022-35794\",\n \"CVE-2022-35795\",\n \"CVE-2022-35797\",\n \"CVE-2022-35804\",\n \"CVE-2022-35820\"\n );\n script_xref(name:\"MSKB\", value:\"5016629\");\n script_xref(name:\"MSFT\", value:\"MS22-5016629\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/30\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016629: Windows 11 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016629. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016629\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016629\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35804\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-30133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016629'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:22000,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016629])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-19T18:47:48", "description": "The remote Windows host is missing security update 5016623. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016623: Windows 10 version 1809 / Windows Server 2019 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30144", "CVE-2022-30194", "CVE-2022-30197", "CVE-2022-33670", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34696", "CVE-2022-34699", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34703", "CVE-2022-34704", "CVE-2022-34705", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34709", "CVE-2022-34710", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35748", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35754", "CVE-2022-35755", "CVE-2022-35756", "CVE-2022-35757", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35761", "CVE-2022-35762", "CVE-2022-35763", "CVE-2022-35764", "CVE-2022-35765", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35771", "CVE-2022-35792", "CVE-2022-35793", "CVE-2022-35794", "CVE-2022-35795", "CVE-2022-35797"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016623.NASL", "href": "https://www.tenable.com/plugins/nessus/163946", "sourceData": "##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163946);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30144\",\n \"CVE-2022-30194\",\n \"CVE-2022-30197\",\n \"CVE-2022-33670\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34696\",\n \"CVE-2022-34699\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34703\",\n \"CVE-2022-34704\",\n \"CVE-2022-34705\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34709\",\n \"CVE-2022-34710\",\n \"CVE-2022-34713\",\n \"CVE-2022-34714\",\n \"CVE-2022-35743\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35746\",\n \"CVE-2022-35747\",\n \"CVE-2022-35748\",\n \"CVE-2022-35749\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35754\",\n \"CVE-2022-35755\",\n \"CVE-2022-35756\",\n \"CVE-2022-35757\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35760\",\n \"CVE-2022-35761\",\n \"CVE-2022-35762\",\n \"CVE-2022-35763\",\n \"CVE-2022-35764\",\n \"CVE-2022-35765\",\n \"CVE-2022-35766\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35771\",\n \"CVE-2022-35792\",\n \"CVE-2022-35793\",\n \"CVE-2022-35794\",\n \"CVE-2022-35795\",\n \"CVE-2022-35797\"\n );\n script_xref(name:\"MSKB\", value:\"5016623\");\n script_xref(name:\"MSFT\", value:\"MS22-5016623\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/30\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016623: Windows 10 version 1809 / Windows Server 2019 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016623. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016623\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016623\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-30133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016623'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:17763,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016623])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-18T22:39:25", "description": "The remote Windows host is missing security update 5016683. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016683: Windows Server 2012 R2 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30144", "CVE-2022-30194", "CVE-2022-33670", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34696", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35748", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35754", "CVE-2022-35755", "CVE-2022-35756", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35793", "CVE-2022-35795", "CVE-2022-35820"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016683.NASL", "href": "https://www.tenable.com/plugins/nessus/163947", "sourceData": "##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163947);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30144\",\n \"CVE-2022-30194\",\n \"CVE-2022-33670\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34696\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34713\",\n \"CVE-2022-34714\",\n \"CVE-2022-35743\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35746\",\n \"CVE-2022-35747\",\n \"CVE-2022-35748\",\n \"CVE-2022-35749\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35754\",\n \"CVE-2022-35755\",\n \"CVE-2022-35756\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35760\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35793\",\n \"CVE-2022-35795\",\n \"CVE-2022-35820\"\n );\n script_xref(name:\"MSKB\", value:\"5016681\");\n script_xref(name:\"MSKB\", value:\"5016683\");\n script_xref(name:\"MSFT\", value:\"MS22-5016681\");\n script_xref(name:\"MSFT\", value:\"MS22-5016683\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/30\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016683: Windows Server 2012 R2 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016683. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016683\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016683 or Cumulative Update 5016681\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-30133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016683',\n '5016681'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.3',\n sp:0,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016683, 5016681])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-20T16:37:44", "description": "The remote Windows host is missing security update 5016639. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016639: Windows 10 LTS 1507 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30144", "CVE-2022-30194", "CVE-2022-33670", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34696", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34703", "CVE-2022-34704", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34709", "CVE-2022-34710", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35754", "CVE-2022-35755", "CVE-2022-35756", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35771", "CVE-2022-35793", "CVE-2022-35795"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016639.NASL", "href": "https://www.tenable.com/plugins/nessus/163941", "sourceData": "##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163941);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30144\",\n \"CVE-2022-30194\",\n \"CVE-2022-33670\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34696\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34703\",\n \"CVE-2022-34704\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34709\",\n \"CVE-2022-34710\",\n \"CVE-2022-34713\",\n \"CVE-2022-34714\",\n \"CVE-2022-35743\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35746\",\n \"CVE-2022-35747\",\n \"CVE-2022-35749\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35754\",\n \"CVE-2022-35755\",\n \"CVE-2022-35756\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35760\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35771\",\n \"CVE-2022-35793\",\n \"CVE-2022-35795\"\n );\n script_xref(name:\"MSKB\", value:\"5016639\");\n script_xref(name:\"MSFT\", value:\"MS22-5016639\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/30\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016639: Windows 10 LTS 1507 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016639. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016639\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016639\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-30133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016639'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:10240,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016639])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-19T06:48:38", "description": "The remote Windows host is missing security update 5016627. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows WebBrowser Control Remote Code Execution Vulnerability (CVE-2022-30194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016627: Windows Server 2022 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30194", "CVE-2022-30197", "CVE-2022-33670", "CVE-2022-34301", "CVE-2022-34302", "CVE-2022-34303", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34696", "CVE-2022-34699", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34703", "CVE-2022-34704", "CVE-2022-34705", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34709", "CVE-2022-34710", "CVE-2022-34712", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-34715", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35748", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35755", "CVE-2022-35756", "CVE-2022-35757", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35761", "CVE-2022-35762", "CVE-2022-35763", "CVE-2022-35764", "CVE-2022-35765", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35771", "CVE-2022-35792", "CVE-2022-35793", "CVE-2022-35794", "CVE-2022-35795", "CVE-2022-35820"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016627.NASL", "href": "https://www.tenable.com/plugins/nessus/163953", "sourceData": "##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163953);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30194\",\n \"CVE-2022-30197\",\n \"CVE-2022-33670\",\n \"CVE-2022-34301\",\n \"CVE-2022-34302\",\n \"CVE-2022-34303\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34696\",\n \"CVE-2022-34699\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34703\",\n \"CVE-2022-34704\",\n \"CVE-2022-34705\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34709\",\n \"CVE-2022-34710\",\n \"CVE-2022-34712\",\n \"CVE-2022-34713\",\n \"CVE-2022-34714\",\n \"CVE-2022-34715\",\n \"CVE-2022-35743\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35746\",\n \"CVE-2022-35747\",\n \"CVE-2022-35748\",\n \"CVE-2022-35749\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35755\",\n \"CVE-2022-35756\",\n \"CVE-2022-35757\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35760\",\n \"CVE-2022-35761\",\n \"CVE-2022-35762\",\n \"CVE-2022-35763\",\n \"CVE-2022-35764\",\n \"CVE-2022-35765\",\n \"CVE-2022-35766\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35771\",\n \"CVE-2022-35792\",\n \"CVE-2022-35793\",\n \"CVE-2022-35794\",\n \"CVE-2022-35795\",\n \"CVE-2022-35820\"\n );\n script_xref(name:\"MSKB\", value:\"5016627\");\n script_xref(name:\"MSFT\", value:\"MS22-5016627\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/30\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016627: Windows Server 2022 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016627. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows WebBrowser Control Remote Code Execution Vulnerability (CVE-2022-30194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016627\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016627\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016627\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-34715\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016627'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:20348,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016627])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-19T16:12:00", "description": "The remote Windows host is missing security update 5016616. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016616: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30144", "CVE-2022-30194", "CVE-2022-30197", "CVE-2022-33670", "CVE-2022-34301", "CVE-2022-34302", "CVE-2022-34303", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34696", "CVE-2022-34699", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34703", "CVE-2022-34704", "CVE-2022-34705", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34709", "CVE-2022-34710", "CVE-2022-34712", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35748", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35754", "CVE-2022-35755", "CVE-2022-35756", "CVE-2022-35757", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35761", "CVE-2022-35762", "CVE-2022-35763", "CVE-2022-35764", "CVE-2022-35765", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35771", "CVE-2022-35792", "CVE-2022-35793", "CVE-2022-35794", "CVE-2022-35795", "CVE-2022-35797", "CVE-2022-35820"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016616.NASL", "href": "https://www.tenable.com/plugins/nessus/163951", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163951);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30144\",\n \"CVE-2022-30194\",\n \"CVE-2022-30197\",\n \"CVE-2022-33670\",\n \"CVE-2022-34301\",\n \"CVE-2022-34302\",\n \"CVE-2022-34303\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34696\",\n \"CVE-2022-34699\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34703\",\n \"CVE-2022-34704\",\n \"CVE-2022-34705\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34709\",\n \"CVE-2022-34710\",\n \"CVE-2022-34712\",\n \"CVE-2022-34713\",\n \"CVE-2022-34714\",\n \"CVE-2022-35743\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35746\",\n \"CVE-2022-35747\",\n \"CVE-2022-35748\",\n \"CVE-2022-35749\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35754\",\n \"CVE-2022-35755\",\n \"CVE-2022-35756\",\n \"CVE-2022-35757\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35760\",\n \"CVE-2022-35761\",\n \"CVE-2022-35762\",\n \"CVE-2022-35763\",\n \"CVE-2022-35764\",\n \"CVE-2022-35765\",\n \"CVE-2022-35766\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35771\",\n \"CVE-2022-35792\",\n \"CVE-2022-35793\",\n \"CVE-2022-35794\",\n \"CVE-2022-35795\",\n \"CVE-2022-35797\",\n \"CVE-2022-35820\"\n );\n script_xref(name:\"MSKB\", value:\"5016616\");\n script_xref(name:\"MSFT\", value:\"MS22-5016616\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/30\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016616: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016616. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016616\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016616\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-30133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016616'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nvar os_name = get_kb_item(\"SMB/ProductName\");\n\nif ( ( (\"enterprise\" >< tolower(os_name) || \"education\" >< tolower(os_name))\n &&\n smb_check_rollup(os:'10',\n os_build:19042,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016616]) \n )\n ||\n smb_check_rollup(os:'10',\n os_build:19043,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016616])\n || \n smb_check_rollup(os:'10',\n os_build:19044,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016616])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-19T04:35:48", "description": "The remote Windows host is missing security update 5016622. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "KB5016622: Windows 10 Version 1607 and Windows Server 2016 Security Update (August 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30144", "CVE-2022-30194", "CVE-2022-33670", "CVE-2022-34689", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34696", "CVE-2022-34699", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34703", "CVE-2022-34704", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34709", "CVE-2022-34710", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35748", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35754", "CVE-2022-35755", "CVE-2022-35756", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35761", "CVE-2022-35762", "CVE-2022-35763", "CVE-2022-35764", "CVE-2022-35765", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35771", "CVE-2022-35792", "CVE-2022-35793", "CVE-2022-35795"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_AUG_5016622.NASL", "href": "https://www.tenable.com/plugins/nessus/163940", "sourceData": "##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163940);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-30133\",\n \"CVE-2022-30144\",\n \"CVE-2022-30194\",\n \"CVE-2022-33670\",\n \"CVE-2022-34689\",\n \"CVE-2022-34690\",\n \"CVE-2022-34691\",\n \"CVE-2022-34696\",\n \"CVE-2022-34699\",\n \"CVE-2022-34701\",\n \"CVE-2022-34702\",\n \"CVE-2022-34703\",\n \"CVE-2022-34704\",\n \"CVE-2022-34706\",\n \"CVE-2022-34707\",\n \"CVE-2022-34708\",\n \"CVE-2022-34709\",\n \"CVE-2022-34710\",\n \"CVE-2022-34713\",\n \"CVE-2022-34714\",\n \"CVE-2022-35743\",\n \"CVE-2022-35744\",\n \"CVE-2022-35745\",\n \"CVE-2022-35746\",\n \"CVE-2022-35747\",\n \"CVE-2022-35748\",\n \"CVE-2022-35749\",\n \"CVE-2022-35750\",\n \"CVE-2022-35751\",\n \"CVE-2022-35752\",\n \"CVE-2022-35753\",\n \"CVE-2022-35754\",\n \"CVE-2022-35755\",\n \"CVE-2022-35756\",\n \"CVE-2022-35758\",\n \"CVE-2022-35759\",\n \"CVE-2022-35760\",\n \"CVE-2022-35761\",\n \"CVE-2022-35762\",\n \"CVE-2022-35763\",\n \"CVE-2022-35764\",\n \"CVE-2022-35765\",\n \"CVE-2022-35767\",\n \"CVE-2022-35768\",\n \"CVE-2022-35769\",\n \"CVE-2022-35771\",\n \"CVE-2022-35792\",\n \"CVE-2022-35793\",\n \"CVE-2022-35795\"\n );\n script_xref(name:\"MSKB\", value:\"5016622\");\n script_xref(name:\"MSFT\", value:\"MS22-5016622\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/30\");\n script_xref(name:\"IAVA\", value:\"2022-A-0320-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0319-S\");\n\n script_name(english:\"KB5016622: Windows 10 Version 1607 and Windows Server 2016 Security Update (August 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5016622. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769)\n\n - Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability (CVE-2022-30133, CVE-2022-35744)\n\n - Windows Bluetooth Service Remote Code Execution Vulnerability (CVE-2022-30144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5016622\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5016622\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5016622\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-30133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-08';\nkbs = make_list(\n '5016622'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:14393,\n rollup_date:'08_2022',\n bulletin:bulletin,\n rollup_kb_list:[5016622])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2022-08-11T08:18:35", "description": "### *Detect date*:\n08/09/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, obtain sensitive information.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server 2008 for x64-based Systems Service Pack 2\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-35759](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35759>) \n[CVE-2022-34690](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34690>) \n[CVE-2022-35745](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35745>) \n[CVE-2022-35750](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35750>) \n[CVE-2022-34708](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34708>) \n[CVE-2022-35753](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35753>) \n[CVE-2022-34691](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34691>) \n[CVE-2022-35751](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35751>) \n[CVE-2022-34701](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34701>) \n[CVE-2022-34707](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34707>) \n[CVE-2022-34713](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713>) \n[CVE-2022-35820](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35820>) \n[CVE-2022-30194](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30194>) \n[CVE-2022-35744](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35744>) \n[CVE-2022-34706](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34706>) \n[CVE-2022-34714](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34714>) \n[CVE-2022-30133](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30133>) \n[CVE-2022-35758](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35758>) \n[CVE-2022-35767](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35767>) \n[CVE-2022-35769](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35769>) \n[CVE-2022-35795](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35795>) \n[CVE-2022-35760](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35760>) \n[CVE-2022-35768](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35768>) \n[CVE-2022-35752](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35752>) \n[CVE-2022-35793](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35793>) \n[CVE-2022-35747](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35747>) \n[CVE-2022-35743](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35743>) \n[CVE-2022-35756](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35756>) \n[CVE-2022-34702](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34702>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *KB list*:\n[5016686](<http://support.microsoft.com/kb/5016686>) \n[5016669](<http://support.microsoft.com/kb/5016669>) \n[5016679](<http://support.microsoft.com/kb/5016679>) \n[5016676](<http://support.microsoft.com/kb/5016676>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "kaspersky", "title": "KLA12603 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30194", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35747", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35756", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35793", "CVE-2022-35795", "CVE-2022-35820"], "modified": "2022-08-10T00:00:00", "id": "KLA12603", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12603/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-27T08:08:51", "description": "### *Detect date*:\n08/09/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code, obtain sensitive information.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 8.1 for x64-based systems \nWindows Server 2012 R2 \nWindows Server 2012 R2 (Server Core installation) \nWindows 10 for 32-bit Systems \nWindows 8.1 for 32-bit systems \nWindows Server 2022 (Server Core installation) \nWindows Server 2019 (Server Core installation) \nWindows Server 2022 \nWindows 10 Version 1809 for 32-bit Systems \nWindows 10 Version 20H2 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 21H2 for x64-based Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows Server 2012 \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 11 for ARM64-based Systems \nWindows Server 2016 \nWindows 10 Version 21H2 for ARM64-based Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 21H2 for 32-bit Systems \nWindows Server 2019 \nWindows 10 for x64-based Systems \nWindows Server, version 20H2 (Server Core Installation) \nWindows RT 8.1 \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows Server 2016 (Server Core installation) \nWindows 10 Version 21H1 for x64-based Systems \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 11 for x64-based Systems \nWindows 10 Version 1809 for ARM64-based Systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-35759](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35759>) \n[CVE-2022-34705](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34705>) \n[CVE-2022-35765](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35765>) \n[CVE-2022-34303](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34303>) \n[CVE-2022-35763](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35763>) \n[CVE-2022-34703](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34703>) \n[CVE-2022-35751](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35751>) \n[CVE-2022-34707](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34707>) \n[CVE-2022-30194](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30194>) \n[CVE-2022-35771](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35771>) \n[CVE-2022-35744](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35744>) \n[CVE-2022-34714](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34714>) \n[CVE-2022-34301](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34301>) \n[CVE-2022-35794](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35794>) \n[CVE-2022-35766](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35766>) \n[CVE-2022-34709](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34709>) \n[CVE-2022-34704](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34704>) \n[CVE-2022-35767](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35767>) \n[CVE-2022-35769](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35769>) \n[CVE-2022-35804](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35804>) \n[CVE-2022-30197](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30197>) \n[CVE-2022-35795](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35795>) \n[CVE-2022-35760](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35760>) \n[CVE-2022-35793](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35793>) \n[CVE-2022-35747](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35747>) \n[CVE-2022-35743](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35743>) \n[CVE-2022-35764](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35764>) \n[CVE-2022-30144](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30144>) \n[CVE-2022-35761](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35761>) \n[CVE-2022-35762](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35762>) \n[CVE-2022-34702](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34702>) \n[CVE-2022-35757](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35757>) \n[CVE-2022-34690](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34690>) \n[CVE-2022-35745](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35745>) \n[CVE-2022-35750](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35750>) \n[CVE-2022-34708](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34708>) \n[CVE-2022-35792](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35792>) \n[CVE-2022-35753](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35753>) \n[CVE-2022-34712](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34712>) \n[CVE-2022-34701](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34701>) \n[CVE-2022-34691](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34691>) \n[CVE-2022-34302](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34302>) \n[CVE-2022-35746](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35746>) \n[CVE-2022-34713](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713>) \n[CVE-2022-35820](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35820>) \n[CVE-2022-34696](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34696>) \n[CVE-2022-33670](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33670>) \n[CVE-2022-34706](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34706>) \n[CVE-2022-34699](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34699>) \n[CVE-2022-35754](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35754>) \n[CVE-2022-35748](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35748>) \n[CVE-2022-30133](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30133>) \n[CVE-2022-35758](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35758>) \n[CVE-2022-35755](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35755>) \n[CVE-2022-35797](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35797>) \n[CVE-2022-35749](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35749>) \n[CVE-2022-35768](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35768>) \n[CVE-2022-35752](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35752>) \n[CVE-2022-34715](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34715>) \n[CVE-2022-34710](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34710>) \n[CVE-2022-35756](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35756>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *KB list*:\n[5016627](<http://support.microsoft.com/kb/5016627>) \n[5016672](<http://support.microsoft.com/kb/5016672>) \n[5016622](<http://support.microsoft.com/kb/5016622>) \n[5016683](<http://support.microsoft.com/kb/5016683>) \n[5016639](<http://support.microsoft.com/kb/5016639>) \n[5016616](<http://support.microsoft.com/kb/5016616>) \n[5016623](<http://support.microsoft.com/kb/5016623>) \n[5016684](<http://support.microsoft.com/kb/5016684>) \n[5016681](<http://support.microsoft.com/kb/5016681>) \n[5012170](<http://support.microsoft.com/kb/5012170>) \n[5016629](<http://support.microsoft.com/kb/5016629>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T00:00:00", "type": "kaspersky", "title": "KLA12602 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-30133", "CVE-2022-30144", "CVE-2022-30194", "CVE-2022-30197", "CVE-2022-33670", "CVE-2022-34301", "CVE-2022-34302", "CVE-2022-34303", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34696", "CVE-2022-34699", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34703", "CVE-2022-34704", "CVE-2022-34705", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34709", "CVE-2022-34710", "CVE-2022-34712", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-34715", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35748", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35754", "CVE-2022-35755", "CVE-2022-35756", "CVE-2022-35757", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35761", "CVE-2022-35762", "CVE-2022-35763", "CVE-2022-35764", "CVE-2022-35765", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35771", "CVE-2022-35792", "CVE-2022-35793", "CVE-2022-35794", "CVE-2022-35795", "CVE-2022-35797", "CVE-2022-35804", "CVE-2022-35820"], "modified": "2022-09-27T00:00:00", "id": "KLA12602", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12602/", "cvss": {"score": 0.0, "vector": "NONE"}}], "avleonov": [{"lastseen": "2022-08-23T02:01:34", "description": "Hello everyone! In this episode, let's take a look at the Microsoft Patch Tuesday August 2022 vulnerabilities. I use my [Vulristics](<https://github.com/leonov-av/vulristics>) vulnerability prioritization tool as usual. I take comments for vulnerabilities from Tenable, Qualys, Rapid7, ZDI and Kaspersky blog posts. Also, as usual, I take into account the vulnerabilities added between the July and August Patch Tuesdays.\n\nAlternative video link (for Russia): <https://vk.com/video-149273431_456239098>\n\nThere were 147 vulnerabilities. Urgent: 1, Critical: 0, High: 36, Medium: 108, Low: 2.\n\nThere was a lot of great stuff this Patch Tuesday. There was a critical exploited in the wild MSDT DogWalk vulnerability, 3 critical Exchange vulnerabilities that could be easily missed in prioritization, 13 potentially dangerous vulnerabilities, 2 funny vulnerabilities and 3 mysterious ones. Let's take a closer look.\n \n \n $ cat comments_links.txt \n Qualys|August 2022 Patch Tuesday. Microsoft Releases 121 Vulnerabilities with 17 Critical, plus 20 Microsoft Edge (Chromium-Based); Adobe Releases 5 Advisories|https://blog.qualys.com/vulnerabilities-threat-research/2022/08/09/august-2022-patch-tuesday\n ZDI|THE AUGUST 2022 SECURITY UPDATE REVIEW|https://www.zerodayinitiative.com/blog/2022/8/9/the-august-2022-security-update-review\n Kaspersky|DogWalk and other vulnerabilities|https://www.kaspersky.com/blog/dogwalk-vulnerability-patch-tuesday-08-2022/45127/\n \n $ python3.8 vulristics.py --report-type \"ms_patch_tuesday_extended\" --mspt-year 2022 --mspt-month \"August\" --mspt-comments-links-path \"comments_links.txt\" --rewrite-flag \"True\"\n ...\n MS PT Year: 2022\n MS PT Month: August\n MS PT Date: 2022-08-09\n MS PT CVEs found: 121\n Ext MS PT Date from: 2022-07-13\n Ext MS PT Date to: 2022-08-08\n Ext MS PT CVEs found: 26\n ALL MS PT CVEs: 147\n ...\n\n## DogWalk\n\n**Remote Code Execution** in Microsoft Windows Support Diagnostic Tool (MSDT) (CVE-2022-34713), dubbed **DogWalk**. The only Urgent level vulnerability. The Microsoft Support Diagnostic Tool (MSDT) is a service in Microsoft Windows that allows Microsoft technical support agents to analyze diagnostic data remotely for troubleshooting purposes. DogWalk vulnerability allows code execution when MSDT is called using the URL protocol from a calling application, typically Microsoft Word. There is an element of social engineering to this as a threat actor would need to convince a user to click a link or open a document. Exploitability Assessment: Exploitation in the wild detected. The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Functional Exploit). But it is not yet available in public exploit packs. DogWalk is similar to MSDT RCE **Follina** (CVE-2022-30190), which made some hype in May of this year. It\u2019s not clear if this vulnerability is the result of a failed patch or something new. \n\n## 3 Microsoft Exchange EOPs\n\n**Elevation of Privilege** in Microsoft Exchange (CVE-2022-21980, CVE-2022-24516, CVE-2022-24477). I will not hide, this vulnerabilities were not detected as critical by Vulristics, only as Medium. This happened due to the fact that this are not RCEs, but EOPs. No public exploit or sign of exploitation in the wild. But these vulnerabilities are very critical, due to the fact that Exchange is often accessible from the Internet. And because of details about the vulnerability, which is only highlighted by ZDI. These bugs could allow an authenticated attacker to take over the mailboxes of all Exchange users, read and send emails or download attachments from any mailbox on the Exchange server. This gives access to valuable data and great opportunities for developing an attack. Administrators will also need to enable Extended Protection to fully address these vulnerabilities.\n\nit is not clear how to highlight such vulnerabilities automatically, because there are few formal signs. Apparently it is required to raise the priority of the software available on the perimeter and software that operates with important data.\n\n## 13 potentially dangerous vulnerabilities\n\n 1. **Remote Code Execution** in Windows Point-to-Point Protocol (PPP) (CVE-2022-30133, CVE-2022-35744). The Point-to-Point Protocol (PPP) is the default RAS (remote access service) protocol in Windows and is a data link-layer protocol used to encapsulate higher network-layer protocols to pass over synchronous and asynchronous communication lines. Both vulnerabilities allow attackers to send requests to the remote access server, which can lead to the execution of malicious code on the machine. And both have the same CVSS score: 9.8. This vulnerabilities can only be exploited by communicating via Port 1723. As a temporary workaround prior to installing the updates that address this vulnerability, you can block traffic through that port thus rendering the vulnerability unexploitable. Warning: Disabling Port 1723 could affect communications over your network. Exploitability Assessment: Exploitation Less Likely\n 2. **Remote Code Execution **in Windows Secure Socket Tunneling Protocol (SSTP) (CVE-2022-35766, CVE-2022-35794). SSTP is a VPN tunneling protocol designed to secure your online traffic. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS (remote access service) server, which could lead to remote code execution (RCE) on the RAS server machine. Exploitability Assessment: Exploitation Less Likely\n 3. **Remote Code Execution** in SMB Client and Server (CVE-2022-35804). The server side of this vulnerability would allow a remote, unauthenticated attacker to execute code with elevated privileges on affected SMB servers. Interestingly, this bug only affects Windows 11, which implies some new functionality introduced this vulnerability. Either way, this could potentially be wormable between affected Windows 11 systems with SMB server enabled. Disabling SMBv3 compression is a workaround for this bug, but applying the update is the best method to remediate the vulnerability. This vulnerability is reminiscent of past SMB vulnerabilities such as the EternalBlue SMBv1 flaw patched in MS17-010 in March of 2017 that was exploited as part of the [WannaCry](<https://avleonov.com/2017/05/13/wannacry-about-vulnerability-management/>) incident in addition to the more recent CVE-2020-0796 \u201cEternalDarkness\u201d RCE flaw in SMB 3.1.1.\n 4. **Remote Code Execution** in Visual Studio (CVE-2022-35777, CVE-2022-35825, CVE-2022-35826, CVE-2022-35827). The existence of a public exploit is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit). None of the vendors highlighted these vulnerabilities. But it seems that this can be used in targeted phishing against developers.\n 5. **Elevation of Privilege** in Active Directory (CVE-2022-34691). An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System. The advisory notes that exploitation is only possible when Active Directory Certificate Services is running on the domain. Exploitability Assessment: Exploitation Less Likely.\n 6. **Remote Code Execution** in Windows Network File System (CVE-2022-34715). This is now the fourth month in a row with an NFS code execution patch. To exploit this, a remote, unauthenticated attacker would need to make a specially crafted call to an affected NFS server. This would provide the threat actor with code execution at elevated privileges. Although we have not yet seen the actual exploitation of such vulnerabilities.\n 7. **Elevation of Privilege **in Windows Print Spooler (CVE-2022-35793, CVE-2022-35755). The Print Spooler is software built into the Windows operating system that temporarily stores print jobs in the computer's memory until the printer is ready to print them. CVE-2022-35755 can be exploited using a specially crafted \u201cinput file,\u201d while exploitation of CVE-2022-35793 requires a user click on a specially crafted URL. Both would give the attacker SYSTEM privileges. Both vulnerabilities can be mitigated by disabling the Print Spooler service, but CVE-2022-35793 can also be mitigated by disabling inbound remote printing via Group Policy.\n\n## 2 funny vulnerabilities\n\n 1. Vulristics suddenly highlighted the **Memory Corruption** in Microsoft Edge (CVE-2022-2623) vulnerability because there is a public exploit for it. It turned out that there was a bug in the exploit databases: 0day.today and packetstorm. CVE-2022-2623 was mistakenly written instead of CVE-2022-26233. And this also happens and no one checks it. Well, prioritization of vulnerabilities based on distorted source data does not work well.\n 2. **Denial of Service** - Microsoft Outlook (CVE-2022-35742). This was reported through the ZDI program and is a mighty interesting bug. Sending a crafted email to a victim causes their Outlook application to terminate immediately. Outlook cannot be restarted. Upon restart, it will terminate again once it retrieves and processes the invalid message. It is not necessary for the victim to open the message or to use the Reading pane. The only way to restore functionality is to access the mail account using a different client (i.e., webmail, or administrative tools) and remove the offending email(s) from the mailbox before restarting Outlook.\n\n## 3 mysterious vulnerabilities\n\n * CERT/CC: CVE-2022-34303 Crypto Pro Boot Loader Bypass\n * CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass\n * CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass\n\nThey came from the US CERT Coordination Center.\n\n 1. No one writes anything about them, only Tenable. "security bypass vulnerabilities in a third-party driver affecting Windows Secure Boot". \n 2. Maybe this is of course a coincidence and we are talking about other software, but isn't Crypto Pro a Russian [CryptoPro](<https://www.cryptopro.ru/>), "the company\u2019s main activity is cryptographic software development and public key infrastructure solutions based on national and international standards."?\n 3. Isn't Eurosoft a [Russian Eurosoft](<http://eurosoft.ru/>), "software for architectural design"? \n\nIt's all very curious.\n\nFull Vulristics report: [ms_patch_tuesday_august2022](<https://avleonov.com/vulristics_reports/ms_patch_tuesday_august2022_report_with_comments_ext_img.html>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-08-23T00:00:26", "type": "avleonov", "title": "Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0796", "CVE-2022-21980", "CVE-2022-24477", "CVE-2022-24516", "CVE-2022-2623", "CVE-2022-26233", "CVE-2022-30133", "CVE-2022-30190", "CVE-2022-34301", "CVE-2022-34302", "CVE-2022-34303", "CVE-2022-34691", "CVE-2022-34713", "CVE-2022-34715", "CVE-2022-35742", "CVE-2022-35744", "CVE-2022-35755", "CVE-2022-35766", "CVE-2022-35777", "CVE-2022-35793", "CVE-2022-35794", "CVE-2022-35804", "CVE-2022-35825", "CVE-2022-35826", "CVE-2022-35827"], "modified": "2022-08-23T00:00:26", "id": "AVLEONOV:37BE727F2D0C216B8B10BD6CBE6BD061", "href": "https://avleonov.com/2022/08/23/microsoft-patch-tuesday-august-2022-dogwalk-exchange-eops-13-potentially-dangerous-2-funny-3-mysterious-vulnerabilities/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "qualysblog": [{"lastseen": "2022-09-14T00:03:27", "description": "# **Microsoft Patch Tuesday Summary**\n\nMicrosoft has fixed 121 vulnerabilities (aka flaws) in the August 2022 update, including 17 vulnerabilities classified as **_Critical_** as they allow Elevation of Privilege (EoP) and Remote Code Execution (RCE). This month's Patch Tuesday fixes two (2) zero-day vulnerabilities, with one (1) actively exploited***** in attacks ([CVE-2022-34713](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713>)*****,[ CVE-2022-30134](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30134>)). Earlier this month, August 5, 2022, Microsoft also released 20 Microsoft Edge (Chromium-Based) updates addressing Elevation of Privilege (EoP), Remote Code Execution (RCE), and Security Feature Bypass with severities of Low, Moderate, and Important respectively.\n\nMicrosoft has fixed several flaws in its software, including Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, Microsoft Edge (Chromium-based), Remote Code Execution (RCE), Security Feature Bypass, and Spoofing.\n\n## **The August 2022 Microsoft vulnerabilities are classified as follows:**\n\n![](https://blog.qualys.com/wp-content/uploads/2022/08/August2022-ImpactSeverityRoundUp-1.png)\n\n![](https://blog.qualys.com/wp-content/uploads/2022/06/image-4.png) [Related Threat Protection Post](<https://threatprotect.qualys.com/2022/08/10/microsoft-patches-121-vulnerabilities-with-two-zero-days-and-17-critical-plus-20-microsoft-edge-chromium-based-in-august-2022-patch-tuesday/>)\n\n# **Notable Microsoft Vulnerabilities Patched**\n\nA vulnerability is classified as a zero-day if it is publicly disclosed or actively exploited with no official fix available.\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-34713](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713>) | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 7.8/10.\n\nIn May, Microsoft released a [blog](<https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/>) giving guidance for a vulnerability in MSDT and released updates to address it shortly thereafter. Public discussion of a vulnerability can encourage further scrutiny on the component, both by Microsoft security personnel as well as their research partners. _This CVE is a variant of the vulnerability publicly known as Dogwalk._\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Detected_**\n\n> ![](https://blog.qualys.com/wp-content/uploads/2022/06/image-4.png) Qualys director of vulnerability and threat research, [Bharat Jogi](<https://blog.qualys.com/author/bharat_jogi>), said DogWalk had actually been reported back in 2019 but at the time was not thought to be dangerous as it required \u201csignificant user interaction to exploit,\u201d and there were other mitigations in place.\n> \n> - _Excerpt from [Surge in CVEs as Microsoft Fixes Exploited Zero Day Bug](<https://www.infosecurity-magazine.com/news/surge-cves-microsoft-fixes/>)_\n\n* * *\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-30134](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30134>) | Microsoft Exchange Information Disclosure Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 7.6/10.\n\nThis vulnerability requires that a user with an affected version of Exchange Server access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message. For more information, see [Exchange Server Sup](<https://aka.ms/ExchangeEPDoc>)[port for Windows Extended Protection](<https://microsoft.github.io/CSS-Exchange/Security/Extended-Protection/>) and/or [The Exchange Blog](<https://techcommunity.microsoft.com/t5/exchange-team-blog/released-august-2022-exchange-server-security-updates/ba-p/3593862>).\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Unlikely_**\n\n* * *\n\n## **Security Feature Bypass Vulnerabilities Addressed**\n\nThese are **standalone security updates**. These packages must be installed in addition to the normal security updates to be protected from this vulnerability.\n\nThese security updates have a Servicing Stack Update prerequisite for specific KB numbers. The packages have a built-in pre-requisite logic to ensure the ordering.\n\nMicrosoft customers should ensure they have installed the latest Servicing Stack Update before installing these standalone security updates. See [ADV990001 | Latest Servicing Stack Updates](<https://msrc.microsoft.com/update-guide/security-guidance/advisory/ADV990001>) for more information.\n\nAn attacker who successfully exploited either of these three (3) vulnerabilities could bypass Secure Boot.\n\n### CERT/CC: [CVE-2022-34301](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34301>) Eurosoft Boot Loader Bypass\n\n### CERT/CC: [CVE-2022-34302](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34302>) New Horizon Data Systems Inc Boot Loader Bypass\n\n### CERT/CC: [CVE-2022-34303](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34303>) Crypto Pro Boot Loader Bypass\n\nAt the time of publication, a CVSSv3.1 score has not been assigned.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation More Like_**ly\n\n* * *\n\n## **Microsoft Critical and Important Vulnerability Highlights**\n\nThis month\u2019s [advisory](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Aug>) covers multiple Microsoft product families, including Azure, Browser, Developer Tools, [Extended Security Updates (ESU)](<https://docs.microsoft.com/en-us/lifecycle/faq/extended-security-updates>), Exchange Server, Microsoft Office, System Center,, and Windows.\n\nA total of 86 unique Microsoft products/versions are affected, including .NET, Azure, Edge (Chromium-based), Excel, Exchange Server (Cumulative Update), Microsoft 365 Apps for Enterprise, Office, Open Management Infrastructure, Outlook, and System Center Operations Manager (SCOM), Visual Studio, Windows Desktop, and Windows Server.\n\nDownloads include IE Cumulative, Monthly Rollup, Security Only, and Security Updates.\n\n* * *\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-35766](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35766>), [CVE-2022-35794](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35794>) | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 8.1/10.\n\nSuccessful exploitation of this vulnerability requires an attacker to win a race condition.\n\nAn unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-30133](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30133>), [CVE-2022-35744](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35744>) | Windows Point-to-Point Protocol (PPP) Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 9.8/10.\n\nThis vulnerability can only be exploited by communicating via Port 1723. As a temporary workaround prior to installing the updates that address this vulnerability, you can block traffic through that port thus rendering the vulnerability unexploitable. **Warning**: Disabling Port 1723 could affect communications over your network.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-34691](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34691>) | Active Directory Domain Services Elevation of Privilege (EoP) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 8.8/10.\n\nThis vulnerability can only be exploited by communicating via Port 1723. As a temporary workaround An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.\n\nPlease see [Certificate-based authentication changes on Windows domain controllers](<https://support.microsoft.com/en-us/topic/kb5014754-certificate-based-authentication-changes-on-windows-domain-controllers-ad2c23b0-15d8-4340-a468-4d4f3b188f16>) for more information and ways to protect your domain.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-33646](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33646>) | Azure Batch Node Agent Elevation of Privilege (EoP) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 7.0/10.\n\nSuccessful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation More Likely_**\n\n* * *\n\n## **Microsoft Edge | Last But Not Least**\n\nEarlier in August, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities [CVE-2022-33636](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33636>), [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-2294>)[CVE-2022-33649](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33649>), and [CVE-2022-35796](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35796>). The vulnerability assigned to each of these CVEs is in the Chromium Open Source Software (OSS) which is consumed by Microsoft Edge. It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. For more information, please see [Security Update Guide Supports CVEs Assigned by Industry Partners](<https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/>).\n\n### [CVE-2022-33649](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33649>) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 9.6/10.\n\nAn attacker could host a specially crafted website designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email. \n\nThe user would have to click on a specially crafted URL to be compromised by the attacker.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33649>)[CVE-2022-33636](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33636>), [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33636>)[CVE-2022-35796](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35796>) | Microsoft Edge (Chromium-based) Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 8.3/10. _[Per Microsoft's severity guidelines](<https://www.microsoft.com/en-us/msrc/bounty-new-edge>), the amount of user interaction or preconditions required to allow this sort of exploitation downgraded the severity. The CVSS scoring system doesn't allow for this type of nuance._\n\nAn attacker could host a specially crafted website designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. However, in all cases, an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email.\n\nSuccessful exploitation of this vulnerability requires an attacker to win a race condition.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n# **Adobe Security Bulletins and Advisories**\n\nAdobe released five (5) [advisories](<https://helpx.adobe.com/security/security-bulletin.html>) with updates to fix 25 vulnerabilities affecting Adobe Acrobat and Reader, Commerce, FrameMaker, Illustrator, and Premiere Elements applications. Of these 25 vulnerabilities, 15 are rated as **_[Critical](<https://helpx.adobe.com/security/severity-ratings.html>)_**; ranging in severity from a CVSS score of 7.8/10 to 9.1/10, as summarized below.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/08/AdobeAugust2022-ImpactSeverityRoundUp-1.png)\n\n* * *\n\n### [APSB22-38](<https://helpx.adobe.com/security/products/magento/apsb22-38.html>) | Security update available for Adobe Commerce\n\nThis update resolves seven (7) vulnerabilities:\n\n * Four (4) **_[_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n * Two (2) **_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n * One (1) **_[Moderate](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 3_\n\nAdobe has released a security update for Adobe Commerce and Magento Open Source. This update resolves [critical](<https://helpx.adobe.com/security/severity-ratings.html>), [important](<https://helpx.adobe.com/security/severity-ratings.html>), and [moderate](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, and security feature bypass.\n\n* * *\n\n### [APSB22-39](<https://helpx.adobe.com/security/products/acrobat/apsb22-39.html>) | Security update available for Adobe Acrobat and Reader\n\nThis update resolves seven (7) vulnerabilities:\n\n * Three (3) [_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>)\n * Four (4) **_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 2_\n\nAdobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple [critical](<https://helpx.adobe.com/security/severity-ratings.html>) and [important](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak.\n\n* * *\n\n### [APSB22-41](<https://helpx.adobe.com/security/products/illustrator/apsb22-41.html>) | Security Updates Available for Adobe Illustrator\n\nThis update resolves four (4) vulnerabilities:\n\n * Two (2) [_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>)\n * Two (2) **_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 3_\n\nAdobe has released an update for Adobe Illustrator 2022. This update resolves [critical](<https://helpx.adobe.com/security/severity-ratings.html>) and [important](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities that could lead to arbitrary code execution and memory leak.\n\n* * *\n\n### [APSB22-42](<https://helpx.adobe.com/security/products/framemaker/apsb22-42.html>) | Security update available for Adobe FrameMaker\n\nThis update resolves six (6) vulnerabilities:\n\n * Five (5) [_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>)\n * One (1) **_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 3_\n\nAdobe has released a security update for Adobe FrameMaker. This update addresses multiple [critical](<https://helpx.adobe.com/security/severity-ratings.html>) and [important](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities. Successful exploitation could lead to arbitrary code execution \nand memory leak. \n\n* * *\n\n### [APSB22-43](<https://helpx.adobe.com/security/products/premiere_elements/apsb22-43.html>) | Security update available for Adobe Premiere Elements\n\nThis update resolves one (1) [_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerability.\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 3_\n\nAdobe has released a security update for Adobe FrameMaker. This update addresses multiple [critical](<https://helpx.adobe.com/security/severity-ratings.html>) and [important](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities. Successful exploitation could lead to arbitrary code execution \nand memory leak. \n\n* * *\n\n# **About Qualys Patch Tuesday**\n\nQualys Patch Tuesday QIDs are published as [Security Alerts](<https://www.qualys.com/research/security-alerts/>) typically late in the evening on the day of [Patch Tuesday](<https://blog.qualys.com/tag/patch-tuesday>), followed later by the publication of the monthly queries for the [Unified Dashboard: 2022 Patch Tuesday (QID Based) Dashboard](<https://success.qualys.com/discussions/s/article/000006821>) by Noon on Wednesday.\n\n## Qualys [Threat Protection](<https://www.qualys.com/apps/threat-protection/>) High-Rated Advisories for August 1-9, 2022 _New Content_\n\n * [Microsoft Patches 121 Vulnerabilities with Two Zero-days and 17 Critical; Plus 20 Microsoft Edge (Chromium-Based) in August 2022 Patch Tuesday](<https://threatprotect.qualys.com/2022/08/10/microsoft-patches-121-vulnerabilities-with-two-zero-days-and-17-critical-plus-20-microsoft-edge-chromium-based-in-august-2022-patch-tuesday/>)\n * [VMware vRealize Operations Multiple Vulnerabilities Patched in the Latest Security update (CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, & CVE-2022-31675)](<https://threatprotect.qualys.com/2022/08/10/vmware-vrealize-operations-multiple-vulnerabilities-patched-in-the-latest-security-update-cve-2022-31672-cve-2022-31673-cve-2022-31674-cve-2022-31675/>)\n * [Cisco Patched Small Business RV Series Routers Multiple Vulnerabilities (CVE-2022-20827, CVE-2022-20841, and CVE-2022-20842)](<https://threatprotect.qualys.com/2022/08/04/cisco-patched-small-business-rv-series-routers-multiple-vulnerabilities-cve-2022-20827-cve-2022-20841-and-cve-2022-20842/>)\n * [VMware Patched Multiple Vulnerabilities in VMware Products including Identity Manager (vIDM) and Workspace ONE Access](<https://threatprotect.qualys.com/2022/08/03/vmware-patched-multiple-vulnerabilities-in-vmware-products-including-identity-manager-vidm-and-workspace-one-access/>)\n * [Atlassian Confluence Server and Confluence Data Center \u2013 Questions for Confluence App \u2013 Hardcoded Password Vulnerability (CVE-2022-26138)](<https://threatprotect.qualys.com/2022/08/01/atlassian-confluence-server-and-confluence-data-center-questions-for-confluence-app-hardcoded-password-vulnerability-cve-2022-26138/>)\n\n* * *\n\n## Discover and Prioritize Vulnerabilities in [Vulnerability Management Detection Response (VMDR)](<https://www.qualys.com/apps/vulnerability-management-detection-response/>) \n\nQualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its KnowledgeBase (KB). \n\nYou can see all your impacted hosts by these vulnerabilities using the following QQL query:\n \n \n vulnerabilities.vulnerability:( qid:`50121` OR qid:`91929` OR qid:`91931` OR qid:`91932` OR qid:`91933` OR qid:`91934` OR qid:`91935` OR qid:`91936` OR qid:`110413` OR qid:`110414` OR qid:`376813` ) \n\n![](https://blog.qualys.com/wp-content/uploads/2022/08/VMDR_2022AUG-1070x488.png)\n\n![](https://blog.qualys.com/wp-content/uploads/2022/06/image-4.png) [A Deep Dive into VMDR 2.0 with Qualys TruRisk\u2122](<https://blog.qualys.com/product-tech/2022/08/08/a-deep-dive-into-vmdr-2-0-with-qualys-trurisk>) _The old way of ranking vulnerabilities doesn\u2019t work anymore. Instead, enterprise security teams need to rate the true risks to their business. In this blog, we examine each of the risk scores delivered by Qualys TruRisk, the criteria used to compute them, and how they can be used to prioritize remediation._\n\n* * *\n\n## Rapid Response with [Patch Management (PM)](<https://www.qualys.com/apps/patch-management/>)\n\nVMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the \u201cMissing\u201d patches to identify and deploy the applicable, available patches in one go.\n\nThe following QQL will return the missing patches for this Patch Tuesday:\n \n \n ( qid:`50121` OR qid:`91929` OR qid:`91931` OR qid:`91932` OR qid:`91933` OR qid:`91934` OR qid:`91935` OR qid:`91936` OR qid:`110413` OR qid:`110414` OR qid:`376813` ) \n\n![](https://blog.qualys.com/wp-content/uploads/2022/08/PATCH_2022AUG-1070x488.png)\n\n![](https://blog.qualys.com/wp-content/uploads/2022/06/image-4.png) [Risk-based Remediation Powered by Patch Management in Qualys VMDR 2.0](<https://blog.qualys.com/product-tech/2022/06/22/risk-based-remediation-powered-by-patch-management-in-qualys-vmdr-2-0>)\n\n* * *\n\n## Evaluate Vendor-Suggested Workarounds with [Policy Compliance](<https://www.qualys.com/forms/policy-compliance/>) _New Content_\n\nQualys\u2019 [Policy Compliance Control Library](<https://vimeo.com/700790353>) makes it easy to evaluate your technology infrastructure when the current situation requires the implementation of a vendor-suggested workaround. A workaround is a method, sometimes used temporarily, for achieving a task or goal when the usual or planned method isn't working. Information technology often uses a workaround to overcome hardware, programming, or communication problems. Once a problem is fixed, a workaround is usually abandoned. _ [Source](<https://www.techtarget.com/whatis/definition/workaround>)_\n\nThe following Qualys [Policy Compliance Control IDs (CIDs), and System Defined Controls (SDC) ](<https://qualysguard.qg2.apps.qualys.com/qwebhelp/fo_portal/module_pc/controls/controls_lp.htm>)have been updated to support Microsoft recommended workaround for this Patch Tuesday:\n\n#### **[CVE-2022-35793](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35793>) | Windows Print Spooler Elevation of Privilege (EoP) Vulnerability**\n\nThis vulnerability has a CVSSv3.1 score of 7.3/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * 1368: Status of the \u2018Print Spooler\u2019 service\n * 21711: Status of the \u2018Allow Print Spooler to accept client connections\u2019 group policy setting \n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): Exploitation More Likely\n\n* * *\n\n#### **[CVE-2022-35804](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35804>)** | **SMB Client and Server Remote Code Execution (RCE) Vulnerability**\n\nThis vulnerability has a CVSSv3.1 score of 8.8/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * 24476: Status of the SMBv3 Client compressions setting\n * 20233: Status of the SMBv3 Server compressions setting \n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): Exploitation More Likely\n\n* * *\n\n#### ****[CVE-2022-35755](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35755>)** | **Windows Print Spooler Elevation of Privilege (EoP) Vulnerability****\n\nThis vulnerability has a CVSSv3.1 score of 7.3/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * 1368: Status of the \u2018Print Spooler\u2019 service\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): Exploitation More Likely\n\n* * *\n\n#### **[CVE-2022-30133](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30133>)**, **[CVE-2022-35744](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35744>)** | **Windows Point-to-Point Protocol (PPP) Remote Code Execution (RCE) Vulnerability** \n\nThis vulnerability has a CVSSv3.1 score of 9.8/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * 11220: List of \u2018Inbound Rules\u2019 configured in Windows Firewall with Advanced Security via GPO\n * 14028: List of \u2018Outbound Rules\u2019 configured in Windows Firewall with Advanced Security via GPO\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): Exploitation Less Likely\n\n* * *\n\n#### **[CVE-2022-34715](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34715>): Windows Network File System Remote Code Execution (RCE) Vulnerability** \n\nThis vulnerability has a CVSSv3.1 score of 9.8/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * 24139: Status of the Windows Network File System (NFSV4) service\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): Exploitation Less Likely\n\n* * *\n\n#### ****[CVE-2022-34691](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34691>): Active Directory Domain Services Elevation of Privilege (EoP) Vulnerability****\n\nThis vulnerability has a CVSSv3.1 score of 8.8/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * 4079: Status of the \u2018Active Directory Certificate Service\u2019\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): Exploitation Less Likely\n\n* * *\n\nThe following QQL will return a posture assessment for the CIDs for this Patch Tuesday:\n \n \n control:( id:`1368` OR id:`4079` OR id:`11220` OR id:`14028` OR id:`20233` OR id:`21711` OR id:`24139` OR id:`24476` ) \n\n![](https://blog.qualys.com/wp-content/uploads/2022/08/PC_2022AUG-1070x488.png)\n\n![](https://blog.qualys.com/wp-content/uploads/2022/08/qualys-shield.jpg) [Mitigating the Risk of Zero-Day Vulnerabilities by using Compensating Controls](<https://blog.qualys.com/vulnerabilities-threat-research/2022/08/23/mitigating-the-risk-of-zero-day-vulnerabilities-by-using-compensating-controls>)\n\n![](https://blog.qualys.com/wp-content/uploads/2022/08/qualys-shield.jpg) [Policy Compliance (PC) | Policy Library Update Blogs](<https://notifications.qualys.com/tag/policy-library>)\n\n* * *\n\n##### Patch Tuesday is Complete.\n\n* * *\n\n# Qualys Monthly Webinar Series \n\n![This image has an empty alt attribute; its file name is image-1070x560.jpeg](https://blog.qualys.com/wp-content/uploads/2022/03/image-1070x560.jpeg)\n\nThe Qualys Research team hosts a monthly webinar series to help our existing customers leverage the seamless integration between Qualys[ Vulnerability Management Detection Response (VMDR)](<https://www.qualys.com/apps/vulnerability-management-detection-response/>) and Qualys [Patch Management](<https://www.qualys.com/apps/patch-management/>). Combining these two solutions can reduce the median time to remediate critical vulnerabilities. \n\nDuring the webcast, we will discuss this month\u2019s high-impact vulnerabilities, including those that are part of this month's Patch Tuesday alert. We will walk you through the necessary steps to address the key vulnerabilities using Qualys VMDR and Qualys Patch Management. \n\n* * *\n\n### **Join the webinar**\n\n## **This Month in Vulnerabilities & Patches**\n\n[Register Now](<https://gateway.on24.com/wcc/eh/3347108/category/97049/patch-tuesday>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-08-09T20:00:00", "type": "qualysblog", "title": "August 2022 Patch Tuesday | Microsoft Releases 121 Vulnerabilities with 17 Critical, plus 20 Microsoft Edge (Chromium-Based); Adobe Releases 5 Advisories, 25 Vulnerabilities with 15 Critical.", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-20827", "CVE-2022-20841", "CVE-2022-20842", "CVE-2022-22047", "CVE-2022-2294", "CVE-2022-26138", "CVE-2022-30133", "CVE-2022-30134", "CVE-2022-30190", "CVE-2022-31672", "CVE-2022-31673", "CVE-2022-31674", "CVE-2022-31675", "CVE-2022-33636", "CVE-2022-33646", "CVE-2022-33649", "CVE-2022-34301", "CVE-2022-34302", "CVE-2022-34303", "CVE-2022-34691", "CVE-2022-34713", "CVE-2022-34715", "CVE-2022-35744", "CVE-2022-35755", "CVE-2022-35766", "CVE-2022-35793", "CVE-2022-35794", "CVE-2022-35796", "CVE-2022-35804"], "modified": "2022-08-09T20:00:00", "id": "QUALYSBLOG:AC756D2C7DB65BB8BC9FBD558B7F3AD3", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "rapid7blog": [{"lastseen": "2022-08-10T00:04:15", "description": "![Patch Tuesday - August 2022](https://blog.rapid7.com/content/images/2022/08/patches-2.jpg)\n\nIt's the week of [Hacker Summer Camp](<https://www.rapid7.com/blog/post/2022/08/04/what-were-looking-forward-to-at-black-hat-def-con-and-bsideslv-2022/>) in Las Vegas, and Microsoft has [published](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Aug>) fixes for 141 separate vulnerabilities in their swath of August updates. This is a new monthly record by raw CVE count, but from a patching perspective, the numbers are slightly less dire. 20 CVEs affect their Chromium-based Edge browser, and 34 affect Azure Site Recovery (up from 32 CVEs affecting that product last month). As usual, OS-level updates will address a lot of these, but note that some extra configuration is required to fully protect Exchange Server this month.\n\nThere is one 0-day being patched this month. [CVE-2022-34713](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34713>) is a remote code execution (RCE) vulnerability affecting the Microsoft Windows Support Diagnostic Tool (MSDT) \u2013 it carries a CVSSv3 base score of 7.8, as it requires convincing a potential victim to open a malicious file. The advisory indicates that this CVE is a variant of the \u201cDogwalk\u201d vulnerability, which made news alongside [Follina](<https://www.rapid7.com/blog/post/2022/05/31/cve-2022-30190-follina-microsoft-support-diagnostic-tool-vulnerability/>) (CVE-2022-30190) back in May.\n\nPublicly disclosed, but not (yet) exploited is [CVE-2022-30134](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30134>), an Information Disclosure vulnerability affecting Exchange Server. In this case, simply patching is not sufficient to protect against attackers being able to read targeted email messages. Administrators should [enable Extended Protection](<https://microsoft.github.io/CSS-Exchange/Security/Extended-Protection/>) in order to fully remediate this vulnerability, as well as [the](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-21979>) [five](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-21980>) [other](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24516>) [vulnerabilities](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24477>) [affecting](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34692>) Exchange this month. Details about how to accomplish this are available via the [Exchange Blog](<https://techcommunity.microsoft.com/t5/exchange-team-blog/released-august-2022-exchange-server-security-updates/ba-p/3593862>).\n\nMicrosoft also patched several flaws affecting Remote Access Server (RAS). The most severe of these ([CVE-2022-30133](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30133>) and [CVE-2022-35744](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35744>)) are related to Windows Point-to-Point Tunneling Protocol and could allow RCE simply by sending a malicious connection request to a server. Seven CVEs affecting the Windows Secure Socket Tunneling Protocol (SSTP) on RAS were also fixed this month: six RCEs and one Denial of Service. If you have RAS in your environment but are unable to patch immediately, consider blocking traffic on port 1723 from your network.\n\nVulnerabilities affecting Windows Network File System (NFS) have been trending in recent months, and today sees Microsoft patching [CVE-2022-34715](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34715>) (RCE, CVSS 9.8) affecting NFSv4.1 on Windows Server 2022.\n\nThis is the worst of it. One last vulnerability to highlight: [CVE-2022-35797](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35797>) is a Security Feature Bypass in [Windows Hello](<https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello-face-authentication#external-camera-security>) \u2013 Microsoft\u2019s biometric authentication mechanism for Windows 10. Successful exploitation requires physical access to a system, but would allow an attacker to bypass a facial recognition check.\n\n## Summary charts\n\n![Patch Tuesday - August 2022](https://blog.rapid7.com/content/images/2022/08/2022-08-vuln_count_severity.png)![Patch Tuesday - August 2022](https://blog.rapid7.com/content/images/2022/08/2022-08-vuln_count_impact.png)![Patch Tuesday - August 2022](https://blog.rapid7.com/content/images/2022/08/2022-08-cvssv3_hist.png)![Patch Tuesday - August 2022](https://blog.rapid7.com/content/images/2022/08/2022-08-vuln_count_component.png)\n\n## Summary tables\n\n### Azure vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-35802](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35802>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-30175](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30175>) | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-30176](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30176>) | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-34687](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34687>) | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35773](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35773>) | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35779](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35779>) | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35806](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35806>) | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35772](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35772>) | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes \n[CVE-2022-35824](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35824>) | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes \n[CVE-2022-33646](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33646>) | Azure Batch Node Agent Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-35780](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35780>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35781](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35781>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35799](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35799>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35775](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35775>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35801](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35801>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35807](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35807>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35808](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35808>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35782](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35782>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35809](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35809>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35784](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35784>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35810](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35810>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35811](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35811>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35785](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35785>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35786](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35786>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35813](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35813>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35788](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35788>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35814](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35814>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35789](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35789>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35815](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35815>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35790](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35790>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35816](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35816>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35817](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35817>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35791](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35791>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35818](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35818>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35819](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35819>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35776](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35776>) | Azure Site Recovery Denial of Service Vulnerability | No | No | 6.2 | Yes \n[CVE-2022-34685](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34685>) | Azure RTOS GUIX Studio Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-34686](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34686>) | Azure RTOS GUIX Studio Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-35774](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35774>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 4.9 | Yes \n[CVE-2022-35800](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35800>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 4.9 | Yes \n[CVE-2022-35787](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35787>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 4.9 | Yes \n[CVE-2022-35821](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35821>) | Azure Sphere Information Disclosure Vulnerability | No | No | 4.4 | Yes \n[CVE-2022-35783](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35783>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 4.4 | Yes \n[CVE-2022-35812](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35812>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 4.4 | Yes \n \n### Browser vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-33649](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33649>) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | No | No | 9.6 | Yes \n[CVE-2022-33636](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33636>) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | No | No | 8.3 | Yes \n[CVE-2022-35796](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35796>) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 7.5 | Yes \n[CVE-2022-2624](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2624>) | Chromium: CVE-2022-2624 Heap buffer overflow in PDF | No | No | N/A | Yes \n[CVE-2022-2623](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2623>) | Chromium: CVE-2022-2623 Use after free in Offline | No | No | N/A | Yes \n[CVE-2022-2622](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2622>) | Chromium: CVE-2022-2622 Insufficient validation of untrusted input in Safe Browsing | No | No | N/A | Yes \n[CVE-2022-2621](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2621>) | Chromium: CVE-2022-2621 Use after free in Extensions | No | No | N/A | Yes \n[CVE-2022-2619](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2619>) | Chromium: CVE-2022-2619 Insufficient validation of untrusted input in Settings | No | No | N/A | Yes \n[CVE-2022-2618](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2618>) | Chromium: CVE-2022-2618 Insufficient validation of untrusted input in Internals | No | No | N/A | Yes \n[CVE-2022-2617](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2617>) | Chromium: CVE-2022-2617 Use after free in Extensions API | No | No | N/A | Yes \n[CVE-2022-2616](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2616>) | Chromium: CVE-2022-2616 Inappropriate implementation in Extensions API | No | No | N/A | Yes \n[CVE-2022-2615](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2615>) | Chromium: CVE-2022-2615 Insufficient policy enforcement in Cookies | No | No | N/A | Yes \n[CVE-2022-2614](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2614>) | Chromium: CVE-2022-2614 Use after free in Sign-In Flow | No | No | N/A | Yes \n[CVE-2022-2612](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2612>) | Chromium: CVE-2022-2612 Side-channel information leakage in Keyboard input | No | No | N/A | Yes \n[CVE-2022-2611](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2611>) | Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API | No | No | N/A | Yes \n[CVE-2022-2610](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2610>) | Chromium: CVE-2022-2610 Insufficient policy enforcement in Background Fetch | No | No | N/A | Yes \n[CVE-2022-2606](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2606>) | Chromium: CVE-2022-2606 Use after free in Managed devices API | No | No | N/A | Yes \n[CVE-2022-2605](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2605>) | Chromium: CVE-2022-2605 Out of bounds read in Dawn | No | No | N/A | Yes \n[CVE-2022-2604](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2604>) | Chromium: CVE-2022-2604 Use after free in Safe Browsing | No | No | N/A | Yes \n[CVE-2022-2603](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2603>) | Chromium: CVE-2022-2603 Use after free in Omnibox | No | No | N/A | Yes \n \n### Developer Tools vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-35777](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35777>) | Visual Studio Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-35825](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35825>) | Visual Studio Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-35826](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35826>) | Visual Studio Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-35827](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35827>) | Visual Studio Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34716](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34716>) | .NET Spoofing Vulnerability | No | No | 5.9 | Yes \n \n### ESU Windows vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-30133](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30133>) | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2022-35744](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35744>) | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2022-34691](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34691>) | Active Directory Domain Services Elevation of Privilege Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34714](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34714>) | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-35745](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35745>) | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-35752](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35752>) | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-35753](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35753>) | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-34702](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34702>) | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-35767](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35767>) | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-34706](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34706>) | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-34707](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34707>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35768](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35768>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35756](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35756>) | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35751](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35751>) | Windows Hyper-V Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35795](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35795>) | Windows Error Reporting Service Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35820](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35820>) | Windows Bluetooth Driver Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35750](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35750>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-34713](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34713>) | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | Yes | Yes | 7.8 | Yes \n[CVE-2022-35743](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35743>) | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35760](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35760>) | Microsoft ATA Port Driver Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-30194](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30194>) | Windows WebBrowser Control Remote Code Execution Vulnerability | No | No | 7.5 | Yes \n[CVE-2022-35769](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35769>) | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2022-35793](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35793>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.3 | Yes \n[CVE-2022-34690](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34690>) | Windows Fax Service Elevation of Privilege Vulnerability | No | No | 7.1 | Yes \n[CVE-2022-35759](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35759>) | Windows Local Security Authority (LSA) Denial of Service Vulnerability | No | No | 6.5 | No \n[CVE-2022-35747](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35747>) | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | No | No | 5.9 | Yes \n[CVE-2022-35758](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35758>) | Windows Kernel Memory Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-34708](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34708>) | Windows Kernel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-34701](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34701>) | Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability | No | No | 5.3 | No \n \n### Exchange Server vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-21980](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21980>) | Microsoft Exchange Server Elevation of Privilege Vulnerability | No | No | 8 | Yes \n[CVE-2022-24516](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24516>) | Microsoft Exchange Server Elevation of Privilege Vulnerability | No | No | 8 | Yes \n[CVE-2022-24477](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24477>) | Microsoft Exchange Server Elevation of Privilege Vulnerability | No | No | 8 | Yes \n[CVE-2022-30134](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30134>) | Microsoft Exchange Information Disclosure Vulnerability | No | Yes | 7.6 | Yes \n[CVE-2022-34692](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34692>) | Microsoft Exchange Information Disclosure Vulnerability | No | No | 5.3 | Yes \n[CVE-2022-21979](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21979>) | Microsoft Exchange Information Disclosure Vulnerability | No | No | 4.8 | Yes \n \n### Microsoft Office vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-34717](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34717>) | Microsoft Office Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-33648](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33648>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35742](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35742>) | Microsoft Outlook Denial of Service Vulnerability | No | No | 7.5 | Yes \n[CVE-2022-33631](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33631>) | Microsoft Excel Security Feature Bypass Vulnerability | No | No | 7.3 | Yes \n \n### System Center Azure vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-33640](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33640>) | System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n \n### Windows vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-34715](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34715>) | Windows Network File System Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2022-35804](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35804>) | SMB Client and Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-35761](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35761>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 8.4 | Yes \n[CVE-2022-35766](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35766>) | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-35794](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35794>) | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-34699](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34699>) | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-33670](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33670>) | Windows Partition Management Driver Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-34703](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34703>) | Windows Partition Management Driver Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-34696](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34696>) | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35746](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35746>) | Windows Digital Media Receiver Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35749](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35749>) | Windows Digital Media Receiver Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-34705](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34705>) | Windows Defender Credential Guard Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35771](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35771>) | Windows Defender Credential Guard Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35762](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35762>) | Storage Spaces Direct Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35763](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35763>) | Storage Spaces Direct Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35764](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35764>) | Storage Spaces Direct Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35765](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35765>) | Storage Spaces Direct Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35792](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35792>) | Storage Spaces Direct Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-30144](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30144>) | Windows Bluetooth Service Remote Code Execution Vulnerability | No | No | 7.5 | Yes \n[CVE-2022-35748](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35748>) | HTTP.sys Denial of Service Vulnerability | No | No | 7.5 | Yes \n[CVE-2022-35755](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35755>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.3 | Yes \n[CVE-2022-35757](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35757>) | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | No | No | 7.3 | Yes \n[CVE-2022-35754](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35754>) | Unified Write Filter Elevation of Privilege Vulnerability | No | No | 6.7 | Yes \n[CVE-2022-35797](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35797>) | Windows Hello Security Feature Bypass Vulnerability | No | No | 6.1 | Yes \n[CVE-2022-34709](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34709>) | Windows Defender Credential Guard Security Feature Bypass Vulnerability | No | No | 6 | Yes \n[CVE-2022-30197](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30197>) | Windows Kernel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-34710](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34710>) | Windows Defender Credential Guard Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-34712](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34712>) | Windows Defender Credential Guard Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-34704](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34704>) | Windows Defender Credential Guard Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-34303](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34303>) | CERT/CC: CVE-20220-34303 Crypto Pro Boot Loader Bypass | No | No | N/A | Yes \n[CVE-2022-34302](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34302>) | CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass | No | No | N/A | Yes \n[CVE-2022-34301](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34301>) | CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass | No | No | N/A | Yes \n \n#### NEVER MISS A BLOG\n\nGet the latest stories, expertise, and news about security today.\n\nSubscribe", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-09T19:34:51", "type": "rapid7blog", "title": "Patch Tuesday - August 2022", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21979", "CVE-2022-21980", "CVE-2022-24477", "CVE-2022-24516", "CVE-2022-2603", "CVE-2022-2604", "CVE-2022-2605", "CVE-2022-2606", "CVE-2022-2610", "CVE-2022-2611", "CVE-2022-2612", "CVE-2022-2614", "CVE-2022-2615", "CVE-2022-2616", "CVE-2022-2617", "CVE-2022-2618", "CVE-2022-2619", "CVE-2022-2621", "CVE-2022-2622", "CVE-2022-2623", "CVE-2022-2624", "CVE-2022-30133", "CVE-2022-30134", "CVE-2022-30144", "CVE-2022-30175", "CVE-2022-30176", "CVE-2022-30190", "CVE-2022-30194", "CVE-2022-30197", "CVE-2022-33631", "CVE-2022-33636", "CVE-2022-33640", "CVE-2022-33646", "CVE-2022-33648", "CVE-2022-33649", "CVE-2022-33670", "CVE-2022-34301", "CVE-2022-34302", "CVE-2022-34303", "CVE-2022-34685", "CVE-2022-34686", "CVE-2022-34687", "CVE-2022-34690", "CVE-2022-34691", "CVE-2022-34692", "CVE-2022-34696", "CVE-2022-34699", "CVE-2022-34701", "CVE-2022-34702", "CVE-2022-34703", "CVE-2022-34704", "CVE-2022-34705", "CVE-2022-34706", "CVE-2022-34707", "CVE-2022-34708", "CVE-2022-34709", "CVE-2022-34710", "CVE-2022-34712", "CVE-2022-34713", "CVE-2022-34714", "CVE-2022-34715", "CVE-2022-34716", "CVE-2022-34717", "CVE-2022-35742", "CVE-2022-35743", "CVE-2022-35744", "CVE-2022-35745", "CVE-2022-35746", "CVE-2022-35747", "CVE-2022-35748", "CVE-2022-35749", "CVE-2022-35750", "CVE-2022-35751", "CVE-2022-35752", "CVE-2022-35753", "CVE-2022-35754", "CVE-2022-35755", "CVE-2022-35756", "CVE-2022-35757", "CVE-2022-35758", "CVE-2022-35759", "CVE-2022-35760", "CVE-2022-35761", "CVE-2022-35762", "CVE-2022-35763", "CVE-2022-35764", "CVE-2022-35765", "CVE-2022-35766", "CVE-2022-35767", "CVE-2022-35768", "CVE-2022-35769", "CVE-2022-35771", "CVE-2022-35772", "CVE-2022-35773", "CVE-2022-35774", "CVE-2022-35775", "CVE-2022-35776", "CVE-2022-35777", "CVE-2022-35779", "CVE-2022-35780", "CVE-2022-35781", "CVE-2022-35782", "CVE-2022-35783", "CVE-2022-35784", "CVE-2022-35785", "CVE-2022-35786", "CVE-2022-35787", "CVE-2022-35788", "CVE-2022-35789", "CVE-2022-35790", "CVE-2022-35791", "CVE-2022-35792", "CVE-2022-35793", "CVE-2022-35794", "CVE-2022-35795", "CVE-2022-35796", "CVE-2022-35797", "CVE-2022-35799", "CVE-2022-35800", "CVE-2022-35801", "CVE-2022-35802", "CVE-2022-35804", "CVE-2022-35806", "CVE-2022-35807", "CVE-2022-35808", "CVE-2022-35809", "CVE-2022-35810", "CVE-2022-35811", "CVE-2022-35812", "CVE-2022-35813", "CVE-2022-35814", "CVE-2022-35815", "CVE-2022-35816", "CVE-2022-35817", "CVE-2022-35818", "CVE-2022-35819", "CVE-2022-35820", "CVE-2022-35821", "CVE-2022-35824", "CVE-2022-35825", "CVE-2022-35826", "CVE-2022-35827"], "modified": "2022-08-09T19:34:51", "id": "RAPID7BLOG:882168BD332366CE296FB09DC00E018E", "href": "https://blog.rapid7.com/2022/08/09/patch-tuesday-august-2022/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}