CVE-2022-21971
Windows Runtime Remote Code Execution Vulnerability
In short
A flaw in Windows Runtime allows an attacker to execute malicious code remotely on affected systems. This vulnerability can be exploited through specially crafted input, potentially giving attackers full control over vulnerable computers.
Technical detail
A memory corruption vulnerability in Windows Runtime (CWE-824) enables remote code execution when processing specially crafted input. The attack vector is network-based, requiring the victim to interact with malicious content or visit a compromised website; successful exploitation results in arbitrary code execution with user privileges.
Summary generated and translated by AI from the official description.
Windows Runtime Remote Code Execution Vulnerability
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
Microsoft · Windows 10 Version 1809Microsoft · Windows 10 Version 1909Microsoft · Windows 10 Version 20H2Microsoft · Windows 10 Version 21H1Microsoft · Windows 10 Version 21H2Microsoft · Windows 11 version 21H2Microsoft · Windows Server 2019Microsoft · Windows Server 2019 (Server Core installation)Microsoft · Windows Server 2022Microsoft · Windows Server version 20H2public PoCs found — 3
githubgithub.com/0vercl0k/CVE-2022-21971★ 303githubgithub.com/Malwareman007/CVE-2022-21971★ 11githubgithub.com/tufanturhan/CVE-2022-21971-Windows-Runtime-RCE★ 2⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →