The Windows ‘HEVC Video Extensions’ or ‘HEVC from Device Manufacturer’ app installed on the remote host is affected by multiple code execution vulnerabilities. An attacker who successfully exploits these vulnerabilities could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted file.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(158714);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/27");
script_cve_id(
"CVE-2022-22006",
"CVE-2022-22007",
"CVE-2022-23301",
"CVE-2022-24452",
"CVE-2022-24453",
"CVE-2022-24456"
);
script_name(english:"Microsoft Windows Codecs Library Multiple Vulnerabilities (March 2022)");
script_set_attribute(attribute:"synopsis", value:
"The Windows app installed on the remote host is affected by multiple code execution vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The Windows 'HEVC Video Extensions' or 'HEVC from Device Manufacturer' app installed on the remote host is affected by
multiple code execution vulnerabilities. An attacker who successfully exploits these vulnerabilities could
execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted file.");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22006");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22007");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23301");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24452");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24453");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24456");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21917");
script_set_attribute(attribute:"solution", value:
"Upgrade to app version 1.0.50361.0, 1.0.50362.0, or later via the Microsoft Store.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-24456");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/08");
script_set_attribute(attribute:"patch_publication_date", value:"2022/03/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/03/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows : Microsoft Bulletins");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("smb_hotfixes.nasl", "wmi_enum_windows_app_store.nbin");
script_require_keys("SMB/Registry/Enumerated", "WMI/Windows App Store/Enumerated");
script_require_ports(139, 445);
exit(0);
}
include('vcf.inc');
include('vcf_extras.inc');
# Thanks to MS for two nearly identical package identity names:
# Microsoft.HEVCVideoExtension - HEVC Video Extensions from Device Manufacturer
# Microsoft.HEVCVideoExtensions - HEVC Video Extensions
var apps = ['Microsoft.HEVCVideoExtension', 'Microsoft.HEVCVideoExtensions'];
var app_info = vcf::microsoft_appstore::get_app_info(app_list:apps);
vcf::check_granularity(app_info:app_info, sig_segments:3);
var constraints = [
{ 'fixed_version' : '1.0.50361.0', 'fixed_display' : '1.0.50361.0 / 1.0.50362.0'}
];
vcf::microsoft_appstore::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22006
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22007
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23301
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24452
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24453
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24456
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21917
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22006
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22007
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23301
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24452
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24453
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24456