Microsoft Install Service Elevation of Privilege Vulnerability

2023-07-1107:00:00

Microsoft

msrc.microsoft.com

microsoft

install service

elevation

privilege

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS

Percentile

12.8%

JSON

Affected configurations

Vulners

Node

microsoftwindows_10_22h2Range<10.0.19045.3208

microsoftwindows_11_22h2Range<10.0.22621.1992

microsoftwindows_10_21h2Range<10.0.19044.3208

microsoftwindows_11_21h2Range<10.0.22000.2176

microsoftwindows_server_2022Range<10.0.20348.1850

VendorProductVersionCPE
microsoftwindows_10_22h2*cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
microsoftwindows_11_22h2*cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
microsoftwindows_11_21h2*cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_10_22h2	*	cpe:2.3:o:microsoft:windows_10_22h2::::::::
microsoft	windows_11_22h2	*	cpe:2.3:o:microsoft:windows_11_22h2::::::::
microsoft	windows_10_21h2	*	cpe:2.3:o:microsoft:windows_10_21h2::::::::
microsoft	windows_11_21h2	*	cpe:2.3:o:microsoft:windows_11_21h2::::::::
microsoft	windows_server_2022	*	cpe:2.3:o:microsoft:windows_server_2022::::::::