Remote code execution

2023-10-1018:15:00

PRIOn knowledge base

www.prio-n.com

remote code execution

windows

media foundation

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

43.8%

JSON

Windows Media Foundation Core Remote Code Execution Vulnerability

CPENameOperatorVersion
windows_10_1507lt10.0.10240.20232
windows_10_1507lt10.0.10240.20232
windows_10_1607lt10.0.14393.6351
windows_10_1607lt10.0.14393.6351
windows_10_1809lt10.0.17763.4974
windows_10_21h2lt10.0.19041.3570
windows_10_22h2lt10.0.19045.3570
windows_11_21h2lt10.0.22000.2538
windows_11_22h2lt10.0.22621.2428
windows_server_2008eqr2 sp1

Name	Operator	Version
windows_10_1507	lt	10.0.10240.20232
windows_10_1507	lt	10.0.10240.20232
windows_10_1607	lt	10.0.14393.6351
windows_10_1607	lt	10.0.14393.6351
windows_10_1809	lt	10.0.17763.4974
windows_10_21h2	lt	10.0.19041.3570
windows_10_22h2	lt	10.0.19045.3570
windows_11_21h2	lt	10.0.22000.2538
windows_11_22h2	lt	10.0.22621.2428
windows_server_2008	eq	r2 sp1