Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS22_MAR_VP9.NASL
HistoryMar 08, 2022 - 12:00 a.m.

Microsoft Windows VP9 Video Extensions Library Multiple Vulnerabilities (March 2022)

2022-03-0800:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
457

8.7 High

AI Score

Confidence

High

JSON

The Windows ‘VP9 Extensions’ app installed on the remote host is affected by multiple code execution vulnerabilities. An attacker who successfully exploited the vulnerabilities could execute arbitrary code. Exploitation of the vulnerabilities require that a program process a specially crafted file.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(158706);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/27");

  script_cve_id("CVE-2022-24451", "CVE-2022-24501");

  script_name(english:"Microsoft Windows VP9 Video Extensions Library Multiple Vulnerabilities (March 2022)");

  script_set_attribute(attribute:"synopsis", value:
"The Windows app installed on the remote host is affected by a multiple code execution vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The Windows 'VP9 Extensions' app installed on the remote host is affected by multiple code execution vulnerabilities. An
attacker who successfully exploited the vulnerabilities could execute arbitrary code. Exploitation of the vulnerabilities
require that a program process a specially crafted file.");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24451");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24501");
  script_set_attribute(attribute:"solution", value:
"Upgrade to app version 1.0.42791.0, or later via the Microsoft Store.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-24501");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/03/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/03/08");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_hotfixes.nasl", "wmi_enum_windows_app_store.nbin");
  script_require_keys("SMB/Registry/Enumerated", "WMI/Windows App Store/Enumerated");
  script_require_ports(139, 445);

  exit(0);
}

include('vcf.inc');
include('vcf_extras.inc');

var apps = ['Microsoft.VP9VideoExtensions'];

var app_info = vcf::microsoft_appstore::get_app_info(app_list:apps);

vcf::check_granularity(app_info:app_info, sig_segments:3);

var constraints = [
    { 'fixed_version' : '1.0.42791.0'}
];

vcf::microsoft_appstore::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows

Related

mscve 2
cve 2
prion 2
malwarebytes 1
thn 1
hivepro 2
threatpost 1
kaspersky 1
rapid7blog 1
mscve
mscve
VP9 Video Extensions Remote Code Execution Vulnerability
2022-03-08 08:00:00
VP9 Video Extensions Remote Code Execution Vulnerability
2022-03-08 08:00:00
cve
cve
CVE-2022-24501
2022-03-09 17:15:00
CVE-2022-24451
2022-03-09 17:15:00
prion
prion
Remote code execution
2022-03-09 17:15:00
Remote code execution
2022-03-09 17:15:00
malwarebytes
malwarebytes
Update now! Microsoft patches three zero-day vulnerabilities on Patch Tuesday
2022-03-09 19:51:59
thn
thn
Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms
2022-03-09 05:44:00
hivepro
hivepro
Microsoft addressed three zero-day vulnerabilities March 2022 Patch Tuesday Update
2022-03-09 14:14:19
Weekly Threat Digest: 7 – 13 March 2022
2022-03-14 16:24:44
threatpost
threatpost
Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday
2022-03-08 21:42:06
kaspersky
kaspersky
KLA12483 Multiple vulnerabilities in Microsoft Windows
2022-03-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2022
2022-03-08 21:08:35

8.7 High

AI Score

Confidence

High

JSON
Related for SMB_NT_MS22_MAR_VP9.NASL
mscve2cve2prion2malwarebytes1thn1hivepro2threatpost1kaspersky1rapid7blog1