microsoft windows-server-2012 CVE-2022-30190 vulnerability in Microsoft Products
Published on June 1, 2022

product logo product logo
<p>A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the users rights.</p> <p>Please see the <a href="https://aka.ms/CVE-2022-30190-Guidance">MSRC Blog Entry</a> for important information about steps you can take to protect your system from this vulnerability.</p>

Vendor Advisory NVD

Known Exploited Vulnerability

This Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.

The following remediation steps are recommended / required by July 5, 2022: Apply updates per vendor instructions.

Vulnerability Analysis

CVE-2022-30190 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.


Products Associated with CVE-2022-30190

You can be notified by stack.watch whenever vulnerabilities like CVE-2022-30190 are published in these products:

 
 
 
 
 
 
 
 
 
 

What versions are vulnerable to CVE-2022-30190?