Vulners
Lucene search
Microsoft Windows Contact File Remote Code Execution Vulnerability
| Reporter | Title | Published | Views | Family All 47 |
|---|---|---|---|---|
 | Exploit for CVE-2022-44666 | 15 Feb 202318:12 | – | githubexploit |
 | The vulnerability of the Windows Contacts component on Windows operating systems allows a hacker to execute arbitrary code. | 16 Dec 202200:00 | – | bdu_fstec |
 | CVE-2022-44666 | 15 Dec 202217:06 | – | circl |
 | Microsoft Windows Contacts 安全漏洞 | 13 Dec 202200:00 | – | cnnvd |
 | CVE-2022-44666 | 13 Dec 202200:00 | – | cve |
 | CVE-2022-44666 Windows Contacts Remote Code Execution Vulnerability | 13 Dec 202200:00 | – | cvelist |
 | December 13, 2022—KB5021234 (OS Build 22000.1335) | 13 Dec 202208:00 | – | mskb |
| December 13, 2022—KB5021235 (OS Build 14393.5582) - EXPIRED | 13 Dec 202208:00 | – | mskb |
| December 13, 2022—KB5021237 (OS Build 17763.3770) - EXPIRED | 13 Dec 202208:00 | – | mskb |
| December 13, 2022—KB5021243 (OS Build 10240.19624) - EXPIRED | 13 Dec 202208:00 | – | mskb |
10
[-] Microsoft Windows Contact file / Remote Code Execution (Resurrected 2022) / CVE-2022-44666
[+] John Page (aka hyp3rlinx)
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec
Back in 2018 I discovered three related Windows remote code execution vulnerabilities affecting both VCF and Contact files.
They were purchased by Trend Micro Zero Day Initiative (@thezdi) from me and received candidate identifiers ZDI-CAN-6920 and ZDI-CAN-7591.
Microsoft as usual denied a fix and it was subsequently dropped as a zero day on January 10, 2019 in coordination with the ZDI program.
Almost five years passed, until researcher j00sean resurrected the flaws to add additional protocol vectors LDAP etc.
Microsoft finally decided to patch and assign CVE-2022-44666 even though the vulnerabilities are exactly the same.
Old 2019 advisories:
=====================
1) Windows VCF RCE
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-VCF-FILE-INSUFFICIENT-WARNING-REMOTE-CODE-EXECUTION.txt
2) Windows Contact HTML injection
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CONTACT-FILE-HTML-INJECTION-MAILTO-LINK-ARBITRARY-CODE-EXECUTION.txt
3) Windows Contact RCE
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CONTACT-FILE-INSUFFECIENT-UI-WARNING-WEBSITE-LINK-ARBITRARY-CODE-EXECUTION.txt
Circa 2022 updated:
=====================
https://github.com/j00sean/CVE-2022-44666#readme
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-44666
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Feb 2023 00:00Current
8High risk
Vulners AI Score8
CVSS 3.17.8
EPSS0.54911