Lucene search
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS22_MAR_HEIF.NASLHistoryMar 08, 2022 - 12:00 a.m.
Microsoft Windows HEIF Image Extensions RCE (March 2022)
2022-03-0800:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
135
8.2 High
AI Score
Confidence
High
The Windows HEIF Image Extension app installed on the remote host is affected by a remote code execution vulnerability. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted file.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(158708);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/27");
script_cve_id("CVE-2022-24457");
script_name(english:"Microsoft Windows HEIF Image Extensions RCE (March 2022)");
script_set_attribute(attribute:"synopsis", value:
"The Windows app installed on the remote host is affected by a remote code execution vulnerability.");
script_set_attribute(attribute:"description", value:
"The Windows HEIF Image Extension app installed on the remote host is affected by a remote code execution
vulnerability. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation
of the vulnerability requires that a program process a specially crafted file.");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24457");
script_set_attribute(attribute:"solution", value:
"Upgrade to app version 1.0.43012.0 or later via the Microsoft Store.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-24457");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/08");
script_set_attribute(attribute:"patch_publication_date", value:"2022/03/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/03/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows : Microsoft Bulletins");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("smb_hotfixes.nasl", "wmi_enum_windows_app_store.nbin");
script_require_keys("SMB/Registry/Enumerated", "WMI/Windows App Store/Enumerated");
script_require_ports(139, 445);
exit(0);
}
include('vcf.inc');
include('vcf_extras.inc');
var apps = ['Microsoft.HEIFImageExtension'];
var app_info = vcf::microsoft_appstore::get_app_info(app_list:apps);
vcf::check_granularity(app_info:app_info, sig_segments:3);
var constraints = [
{ 'fixed_version' : '1.0.43012.0'}
];
vcf::microsoft_appstore::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
Related
cve
cve
CVE-2022-24457
2022-03-09 17:15:00
cnvd
cnvd
Microsoft HEIF Image Extensions Remote Code Execution Vulnerability
2022-03-10 00:00:00
mscve
mscve
HEIF Image Extensions Remote Code Execution Vulnerability
2022-03-08 08:00:00
prion
prion
Remote code execution
2022-03-09 17:15:00
kaspersky
kaspersky
KLA12483 Multiple vulnerabilities in Microsoft Windows
2022-03-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2022
2022-03-08 21:08:35