Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS22_JUN_5014699.NASL
HistoryJun 14, 2022 - 12:00 a.m.

KB5014699: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (June 2022)

2022-06-1400:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
484
JSON

The remote Windows host is missing security update 5014699. It is, therefore, affected by multiple vulnerabilities:

  • An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2022-30166, CVE-2022-30165, CVE-2022-30160 CVE-2022-30154, CVE-2022-30151, CVE-2022-30150, CVE-2022-30147, CVE-2022-30132, CVE-2022-30131)

  • A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application. (CVE-2022-30164)

  • A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-30163, CVE-2022-30161, CVE-2022-30153, CVE-2022-30149, CVE-2022-30146, CVE-2022-30145, CVE-2022-30143, CVE-2022-30142, CVE-2022-30141, CVE-2022-30140, CVE-2022-30139,CVE-2022-30190)

##
# (C) Tenable, Inc.

#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
##

include('compat.inc');

if (description)
{
  script_id(162201);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/01/16");

  script_cve_id(
    "CVE-2022-21123",
    "CVE-2022-21125",
    "CVE-2022-21127",
    "CVE-2022-21166",
    "CVE-2022-30132",
    "CVE-2022-30139",
    "CVE-2022-30140",
    "CVE-2022-30141",
    "CVE-2022-30142",
    "CVE-2022-30143",
    "CVE-2022-30145",
    "CVE-2022-30146",
    "CVE-2022-30147",
    "CVE-2022-30148",
    "CVE-2022-30149",
    "CVE-2022-30150",
    "CVE-2022-30151",
    "CVE-2022-30152",
    "CVE-2022-30153",
    "CVE-2022-30155",
    "CVE-2022-30160",
    "CVE-2022-30161",
    "CVE-2022-30162",
    "CVE-2022-30163",
    "CVE-2022-30164",
    "CVE-2022-30165",
    "CVE-2022-30166",
    "CVE-2022-30189",
    "CVE-2022-30190",
    "CVE-2022-32230"
  );
  script_xref(name:"MSKB", value:"5014699");
  script_xref(name:"MSFT", value:"MS22-5014699");
  script_xref(name:"IAVA", value:"2022-A-0240-S");
  script_xref(name:"IAVA", value:"2022-A-0241-S");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/07/05");
  script_xref(name:"CEA-ID", value:"CEA-2022-0022");

  script_name(english:"KB5014699: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (June 2022)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote Windows host is missing security update 5014699. It is, therefore, affected by multiple vulnerabilities:

  - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. 
    (CVE-2022-30166, CVE-2022-30165, CVE-2022-30160 CVE-2022-30154, CVE-2022-30151, CVE-2022-30150, 
     CVE-2022-30147, CVE-2022-30132, CVE-2022-30131)

  - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature 
    and perform unauthorized actions compromising the integrity of the system/application. (CVE-2022-30164)
    
  - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute 
    unauthorized arbitrary commands. (CVE-2022-30163, CVE-2022-30161, CVE-2022-30153, CVE-2022-30149,
    CVE-2022-30146, CVE-2022-30145, CVE-2022-30143, CVE-2022-30142, CVE-2022-30141, CVE-2022-30140,
    CVE-2022-30139,CVE-2022-30190)");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/help/5014699");
  script_set_attribute(attribute:"solution", value:
"Apply Security Update 5014699");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-30190");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-30165");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Microsoft Office Word MSDTJS');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/06/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/06/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/06/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_check_rollup.nasl", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
  script_require_keys("SMB/MS_Bulletin_Checks/Possible");
  script_require_ports(139, 445, "Host/patch_management_checks");

  exit(0);
}

include('smb_func.inc');
include('smb_hotfixes.inc');
include('smb_hotfixes_fcheck.inc');
include('smb_reg_query.inc');

get_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');

bulletin = 'MS22-06';
kbs = make_list(
  '5014699'
);

if (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);

get_kb_item_or_exit('SMB/Registry/Enumerated');
get_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);

if (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);

share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);

os_name = get_kb_item("SMB/ProductName");

if (
    ( ("enterprise" >< tolower(os_name) || "education" >< tolower(os_name))
  &&
    smb_check_rollup(os:'10',
                    os_build:19042,
                    rollup_date:'06_2022',
                    bulletin:bulletin,
                    rollup_kb_list:[5014699]) )
  ||
    smb_check_rollup(os:'10',
                    os_build:19043,
                    rollup_date:'06_2022',
                    bulletin:bulletin,
                    rollup_kb_list:[5014699])
  || 
    smb_check_rollup(os:'10',
                    os_build:19044,
                    rollup_date:'06_2022',
                    bulletin:bulletin,
                    rollup_kb_list:[5014699])
)
{
  replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);
  hotfix_security_hole();
  hotfix_check_fversion_end();
  exit(0);
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, hotfix_get_audit_report());
}
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows

References

Related

mskb 15
nessus 43
openvas 18
kaspersky 2
avleonov 1
rapid7blog 1
oraclelinux 11
intel 1
malwarebytes 2
mscve 21
mageia 2
hp 1
qualysblog 1
citrix 1
osv 9
f5 1
debian 1
fedora 3
xen 1
almalinux 2
vmware 1
rocky 3
redhat 10
ubuntu 4
thn 1
ibm 1
centos 1
cve 19
prion 20
checkpoint_advisories 2
mskb
mskb
June 14, 2022—KB5014697 (OS Build 22000.739)
2022-06-14 07:00:00
June 14, 2022—KB5014678 (OS Build 20348.768)
2022-06-14 07:00:00
June 14, 2022—KB5014692 (OS Build 17763.3046)
2022-06-14 07:00:00
nessus
nessus
KB5014702: Windows 10 Version 1607 and Windows Server 2016 Security Update (June 2022)
2022-06-14 00:00:00
KB5014692: Windows 10 version 1809 / Windows Server 2019 Security Update (June 2022)
2022-06-14 00:00:00
KB5014678: Windows Server 2022 Security Update (June 2022)
2022-06-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5014697)
2023-08-08 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5014702)
2022-06-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5014748)
2022-06-15 00:00:00
kaspersky
kaspersky
KLA12568 Multiple vulnerabilities in Microsoft Products (ESU)
2022-06-14 00:00:00
KLA12569 Multiple vulnerabilities in Microsoft Windows
2022-06-14 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday June 2022: Follina RCE, NFSV4.1 RCE, LDAP RCEs and bad patches
2022-06-25 12:32:07
rapid7blog
rapid7blog
Patch Tuesday - June 2022
2022-06-14 19:37:50
oraclelinux
oraclelinux
microcode_ctl security update
2022-06-15 00:00:00
microcode_ctl security update
2022-06-14 00:00:00
microcode_ctl security update
2022-06-23 00:00:00
intel
intel
Intel® Processors MMIO Stale Data Advisory
2022-10-19 00:00:00
malwarebytes
malwarebytes
Intel CPU vulnerabilities fixed. But should you update?
2023-03-06 07:00:00
Update now!  Microsoft patches Follina, and many other security updates
2022-06-15 13:17:05
mscve
mscve
Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities
2022-06-14 07:00:00
Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability
2022-06-14 07:00:00
Windows SMB Denial of Service Vulnerability
2022-06-14 07:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2022-06-29 19:18:17
Updated kernel packages fix security vulnerabilities
2022-06-29 19:18:17
hp
hp
Intel® Processors June 2022 Security Update
2022-06-14 00:00:00
qualysblog
qualysblog
June 2022 Patch Tuesday | Microsoft Releases 55 Vulnerabilities with 3 Critical; Adobe Releases 6 Advisories, 46 Vulnerabilities with 40 Critical.
2022-06-14 20:00:00
citrix
citrix
Citrix Hypervisor Security Update
2022-06-23 20:06:39
osv
osv
intel-microcode - security update
2022-07-06 00:00:00
Moderate: kernel-rt security and bug fix update
2022-09-13 00:00:00
Moderate: kernel-rt security and bug fix update
2022-09-13 07:36:33
f5
f5
K04808933 : Intel Processors MMIO Stale Data Advisory vulnerabilities CVE-2022-21123, CVE-2022-21125, and CVE-2022-21127
2022-07-18 00:00:00
debian
debian
[SECURITY] [DSA 5178-1] intel-microcode security update
2022-07-06 13:12:52
fedora
fedora
[SECURITY] Fedora 36 Update: xen-4.16.1-4.fc36
2022-07-01 01:09:33
[SECURITY] Fedora 36 Update: kernel-5.18.5-200.fc36
2022-06-17 01:16:22
[SECURITY] Fedora 35 Update: kernel-5.18.5-100.fc35
2022-06-18 01:45:12
xen
xen
x86: MMIO Stale Data vulnerabilities
2022-06-14 18:21:00
almalinux
almalinux
Moderate: kernel security, bug fix, and enhancement update
2022-09-13 00:00:00
Moderate: kernel-rt security and bug fix update
2022-09-13 00:00:00
vmware
vmware
VMware ESXi addresses DirectPath I/O (PCI-Passthrough) Information Leak vulnerabilities (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166)
2022-06-14 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2022-09-13 07:36:33
kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
microcode_ctl bug fix and enhancement update
2022-11-02 13:51:49
redhat
redhat
(RHSA-2022:6437) Moderate: kernel-rt security and bug fix update
2022-09-13 07:36:33
(RHSA-2022:6460) Moderate: kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
(RHSA-2022:7280) Important: kernel-rt security and bug fix update
2022-11-01 14:04:44
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-06-17 00:00:00
Linux kernel (OEM) vulnerabilities
2022-07-01 00:00:00
Linux kernel vulnerabilities
2022-06-16 00:00:00
thn
thn
Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability
2022-06-15 03:42:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Intel Processors affect IBM Cloud Pak System
2023-03-31 15:06:36
centos
centos
bpftool, kernel, perf, python security update
2022-08-15 17:35:43
cve
cve
CVE-2022-30189
2022-06-15 22:15:00
CVE-2022-30131
2022-06-15 22:15:00
CVE-2022-32230
2022-06-14 22:15:00
prion
prion
Privilege escalation
2022-06-15 22:15:00
Null pointer dereference
2022-06-14 22:15:00
Privilege escalation
2022-06-15 22:15:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Installer Elevation of Privilege (CVE-2022-30147)
2022-06-14 00:00:00
Microsoft Advanced Local Procedure Call Elevation of Privilege (CVE-2022-30160)
2022-06-14 00:00:00
JSON
Related for SMB_NT_MS22_JUN_5014699.NASL
mskb15nessus43openvas18kaspersky2avleonov1rapid7blog1oraclelinux11intel1malwarebytes2mscve21mageia2hp1qualysblog1citrix1osv9f51debian1fedora3xen1almalinux2vmware1rocky3redhat10ubuntu4thn1ibm1centos1cve19prion20checkpoint_advisories2