Microsoft Windows Codecs Library Multiple Vulnerabilities (March 2022)

2022-03-0800:00:00

www.tenable.com

132

8.4 High

AI Score

Confidence

High

JSON

The Windows ‘HEVC Video Extensions’ or ‘HEVC from Device Manufacturer’ app installed on the remote host is affected by multiple code execution vulnerabilities. An attacker who successfully exploits these vulnerabilities could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted file.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(158714);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/27");

  script_cve_id(
    "CVE-2022-22006",
    "CVE-2022-22007",
    "CVE-2022-23301",
    "CVE-2022-24452",
    "CVE-2022-24453",
    "CVE-2022-24456"
  );

  script_name(english:"Microsoft Windows Codecs Library Multiple Vulnerabilities (March 2022)");

  script_set_attribute(attribute:"synopsis", value:
"The Windows app installed on the remote host is affected by multiple code execution vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The Windows 'HEVC Video Extensions' or 'HEVC from Device Manufacturer' app installed on the remote host is affected by
multiple code execution vulnerabilities. An attacker who successfully exploits these vulnerabilities could
execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted file.");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22006");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22007");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23301");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24452");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24453");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24456");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21917");
  script_set_attribute(attribute:"solution", value:
"Upgrade to app version 1.0.50361.0, 1.0.50362.0, or later via the Microsoft Store.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-24456");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/03/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/03/08");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_hotfixes.nasl", "wmi_enum_windows_app_store.nbin");
  script_require_keys("SMB/Registry/Enumerated", "WMI/Windows App Store/Enumerated");
  script_require_ports(139, 445);

  exit(0);
}

include('vcf.inc');
include('vcf_extras.inc');

# Thanks to MS for two nearly identical package identity names:
#  Microsoft.HEVCVideoExtension  - HEVC Video Extensions from Device Manufacturer
#  Microsoft.HEVCVideoExtensions - HEVC Video Extensions
var apps = ['Microsoft.HEVCVideoExtension', 'Microsoft.HEVCVideoExtensions'];

var app_info = vcf::microsoft_appstore::get_app_info(app_list:apps);

vcf::check_granularity(app_info:app_info, sig_segments:3);

var constraints = [
    { 'fixed_version' : '1.0.50361.0', 'fixed_display' : '1.0.50361.0 / 1.0.50362.0'}
];

vcf::microsoft_appstore::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);

VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows

Vendor	Product	Version	CPE
microsoft	windows		cpe:/o:microsoft:windows

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22006

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22007

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23301

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24452

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24453

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24456

msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21917

msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22006

msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22007

msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23301

msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24452

msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24453

msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24456

8.4 High

AI Score

Confidence

High

JSON

Related for SMB_NT_MS22_MAR_HEVC.NASL