Sign-up

ID

VAR-202205-1958


CVE

CVE-2022-30190


TITLE

plural  Microsoft Windows  Product Remote Code Execution Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2022-003352

DESCRIPTION

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability. plural Microsoft Windows The product has Microsoft Windows Support Diagnostic Tool (MSDT) is vulnerable to remote code execution.It is possible to execute code remotely. Microsoft Windows Support Diagnostic Tool (MSDT)存在操作系统命令注入漏洞。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 21H1 for x64-based Systems,Windows 10 Version 21H1 for ARM64-based Systems,Windows 10 Version 21H1 for 32-bit Systems,Windows Server 2022,Windows Server 2022 (Server Core installation),Windows Server 2022 Azure Edition Core Hotpatch,Windows 10 Version 20H2 for x64-based Systems,Windows 10 Version 20H2 for 32-bit Systems,Windows 10 Version 20H2 for ARM64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 11 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for 32-bit Systems Service Pack 1,Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for 32-bit systems,Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation)

Trust: 2.25

sources: NVD: CVE-2022-30190 // JVNDB: JVNDB-2022-003352 // CNNVD: CNNVD-202205-4277 // VULMON: CVE-2022-30190

AFFECTED PRODUCTS

vendor:microsoftmodel:windows 10 21h2scope:ltversion:10.0.19044.1766

Trust: 1.0

vendor:microsoftmodel:windows rt 8.1scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10 1809scope:ltversion:10.0.17763.3046

Trust: 1.0

vendor:microsoftmodel:windows 10 1607scope:ltversion:10.0.14393.5192

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:ltversion:10.0.14393.5192

Trust: 1.0

vendor:microsoftmodel:windows server 20h2scope:ltversion:10.0.19042.1766

Trust: 1.0

vendor:microsoftmodel:windows 7scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion:r2

Trust: 1.0

vendor:microsoftmodel:windows 10 21h1scope:ltversion:10.0.19043.1766

Trust: 1.0

vendor:microsoftmodel:windows 11 21h2scope:ltversion:10.0.22000.739

Trust: 1.0

vendor:microsoftmodel:windows server 2022scope:ltversion:10.0.20348.770

Trust: 1.0

vendor:microsoftmodel:windows 10 1507scope:ltversion:10.0.10240.19325

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 8.1scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10 20h2scope:ltversion:10.0.19042.1766

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 1.0

vendor:microsoftmodel:windows server 2019scope:ltversion:10.0.17763.3046

Trust: 1.0

vendor:マイクロソフトmodel:microsoft windows server 2022scope:eqversion:(server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows rt 8.1scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2022

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2022scope:eqversion: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2019

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2019scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2016

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 r2 for x64-based systems sp1 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 8.1scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2016scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 10scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:20h2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2019 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2016 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 r2

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2008scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 r2 for x64-based systems sp1

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 11scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 7scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2022 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2012scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 r2 (server core installation)

Trust: 0.8

sources: JVNDB: JVNDB-2022-003352 // NVD: CVE-2022-30190

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-30190
value: HIGH

Trust: 1.8

secure@microsoft.com: CVE-2022-30190
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202205-4277
value: HIGH

Trust: 0.6

VULMON: CVE-2022-30190
value: HIGH

Trust: 0.1

NVD:
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: TRUE
version: 2.0

Trust: 1.0

NVD: CVE-2022-30190
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.9

NVD:
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

OTHER: JVNDB-2022-003352
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2022-30190 // JVNDB: JVNDB-2022-003352 // CNNVD: CNNVD-202205-4277 // NVD: CVE-2022-30190 // NVD: CVE-2022-30190

PROBLEMTYPE DATA

problemtype:CWE-610

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-003352 // NVD: CVE-2022-30190

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-4277

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202205-4277

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-30190

PATCH
title:Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability Security Update Guideurl:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2022-30190
Trust: 0.8
title:Microsoft Windows Support Diagnostic Tool Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=194540
Trust: 0.6
title:POC-msdt-follina
Educational Purpose Only!
Usage
Updateurl:https://github.com/adkali/poc-msdt-follina 
Trust: 0.2
title:Follina-MSDT-Vulnerability-CVE-2022-30190-url:https://github.com/ekamsinghwalia/follina-msdt-vulnerability-cve-2022-30190- 
Trust: 0.1
title:Unofficial-Follina-Mitigation-Script
How to use:url:https://github.com/joseoteroo/unofficial-follina-mitigation 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/sentinelblue/cve-2022-30190 
Trust: 0.1
title:Follina-CVE-2022-30190-Unofficial-patch-
About Program
Guide
Downloadurl:https://github.com/sonicwave21/follina-cve-2022-30190-unofficial-patch 
Trust: 0.1
title:Follina-CVE-2022-30190-Unofficial-patch-
About Program
Guide
Downloadurl:https://github.com/sonicwave21/follina-cve-2022-30190-unofficial-patch- 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/gyaansastra/cve-2022-30190 
Trust: 0.1
title:POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follinaurl:https://github.com/jmousqueton/poc-msdt-follina 
Trust: 0.1
title:follina (POC)
Usage
Workaround
Sourcesurl:https://github.com/noxtal/follina 
Trust: 0.1
title:mitigate-folinaurl:https://github.com/derco0n/mitigate-folina 
Trust: 0.1
title:CVE-2022-30190-Follina-Patch
Images
Manuallyurl:https://github.com/suegdu/cve-2022-30190-follina-patch 
Trust: 0.1
title:CSAW '23 Qualifiers Writeups
Web: Philanthropy
Forensics: 1black0white
Intro: whataxor
Crypto: Mental Poker
Incident Response: What is going on?
Incident Response: Initial Accessurl:https://github.com/austinstitz-hacking/csaw23qual 
Trust: 0.1
title:https://github.com/warren2i/MSDT_Doc_generatorurl:https://github.com/warren2i/msdt_doc_generator 
Trust: 0.1
title:CVE-2022-30190-follinaurl:https://github.com/drgreenthumb93/cve-2022-30190-follina 
Trust: 0.1
title:cve-2022-30190url:https://github.com/paddlingcode/cve-2022-30190 
Trust: 0.1
title:MS-MSDT_Office_RCE_Follina
Exploit DIY
Referenceurl:https://github.com/riki744/ms-msdt_office_rce_follina 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/itmarcin2211/cve-2022-30190 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/meowhua15/cve-2022-30190 
Trust: 0.1
title:msdt-follina-officeurl:https://github.com/kdk2933/msdt-cve-2022-30190 
Trust: 0.1
title:MS-MSDT-Office-RCE-Follinaurl:https://github.com/achocolatechippancake/ms-msdt-office-rce-follina 
Trust: 0.1
title:FOLLINA-CVE-2022-30190url:https://github.com/toxicenvelope/follina-cve-2022-30190 
Trust: 0.1
title:Better With Reg 🧊url:https://github.com/pedrojosawczuk/betterwithreg 
Trust: 0.1
title:go_follinaurl:https://github.com/lucaskrell/go_follina 
Trust: 0.1
title:Exploits scripts - (In Progress)url:https://github.com/amitniz/exploits 
Trust: 0.1
title:FollinaExtractorurl:https://github.com/malwaretech/follinaextractor 
Trust: 0.1
title:Follina Proof of Concept (CVE-2022-30190)
Usageurl:https://github.com/tiepologian/follina 
Trust: 0.1
title:cve-2022-30190url:https://github.com/rickhenderson/cve-2022-30190 
Trust: 0.1
title:CVE-2022-30190-POCurl:https://github.com/mitespsoc/cve-2022-30190-poc 
Trust: 0.1
title:CVE-2022-30190 - Microsoft Support Diagnostic Toolurl:https://github.com/joshuavanderpoll/cve-2022-30190 
Trust: 0.1
title:follina-CVE-2022-30190url:https://github.com/cerebrovinny/follina-cve-2022-30190 
Trust: 0.1
title:CVE-2022-30190 (Follina)url:https://github.com/winstxnhdw/cve-2022-30190 
Trust: 0.1
title:Follina-attack-CVE-2022-30190-url:https://github.com/imeneallouche/follina-attack-cve-2022-30190- 
Trust: 0.1
title:Follina-CVE-2022-30190-Sample-by-ethical-blue
Version history
Featuresurl:https://github.com/ethicalblue/follina-cve-2022-30190-poc-sample 
Trust: 0.1
title:Follina Exploiter CLI Tool MSDT Vulnerability (CVE-2022-30190)url:https://github.com/0xabbarhsf/follinaxploit 
Trust: 0.1
title:Cve-2022-30190url:https://github.com/anonymouss1276/cve-2022-30190 
Trust: 0.1
title:PyRATE documentationurl:https://github.com/g4vr0ch3/pyrate 
Trust: 0.1
title:POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follinaurl:https://github.com/jmousqueton/poc-cve-ms-office-rce 
Trust: 0.1
title:POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follinaurl:https://github.com/jmousqueton/poc-cve-2022-30190 
Trust: 0.1
title:CVE-2022-30190 MS-MSDT Using Follina Attack Vector
How It Entered The Radar?
Explanation Of The Exploit
How far Could This Exploit Go Further In The Wild?
Mitigation Suggestions
Conclusion
Referencesurl:https://github.com/kocdeniz/msdt-poc 
Trust: 0.1
title:MSDT_CVE-2022-30190url:https://github.com/archanchoudhury/msdt_cve-2022-30190 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/gyaansastra/cve2022-30190 
Trust: 0.1
title:Windows e TI
Licença
Correções não oficiais
Aplicativos
Extensões Chrome
Suporteurl:https://github.com/chacalbl4ck/meurepositorio 
Trust: 0.1
title:https://github.com/cybercy/cybercyurl:https://github.com/cybercy/cybercy 
Trust: 0.1
title:Cve-2022-30190url:https://github.com/dianaross20/cve-2022-30190 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/flux10n/cve-2022-30190 
Trust: 0.1
title:IMPORTANTurl:https://github.com/arozx/cve-2022-30190 
Trust: 0.1
title:Follina Exploiter CLI Tool MSDT Vulnerability (CVE-2022-30190)url:https://github.com/hrishikesh7665/follina_exploiter_cli 
Trust: 0.1
title:MS-MSDT-Proactive-remediationurl:https://github.com/terryb8s/ms-msdt-proactive-remediation 
Trust: 0.1
title:PyRATE documentationurl:https://github.com/petitprinc3/pyrate 
Trust: 0.1
title:AmzWord
Requirements
Usage & attack process
Remarkurl:https://github.com/jump-wang-111/amzword 
Trust: 0.1
title:MSDT_CVE-2022-30190-follina-url:https://github.com/aymankhder/msdt_cve-2022-30190-follina- 
Trust: 0.1
title:CVE 30190
Environnement
Exploit
Examplesurl:https://github.com/aminetitrofine/cve-2022-30190 
Trust: 0.1
title:DisableMS-MSDTurl:https://github.com/kkarani1/disablems-msdt 
Trust: 0.1
title:Follina-CVE-2022-30190 Proof of Concept by Neeurl:https://github.com/itsnee/folina-cve-2022-30190-poc- 
Trust: 0.1
title:Deathnote
Usage
Examplesurl:https://github.com/malwareman007/deathnote 
Trust: 0.1
title:CVE Pullerurl:https://github.com/ransomsec/cvepuller 
Trust: 0.1
title:msdt-follina-officeurl:https://github.com/kdk2933/msdt-follina-office 
Trust: 0.1
title:follina_cve_2022-30190url:https://github.com/amitniz/follina_cve_2022-30190 
Trust: 0.1
title:CVE-2022-30190_EXP_PowerPointurl:https://github.com/gra3s/cve-2022-30190-powerpoint 
Trust: 0.1
title:dogwalkurl:https://github.com/reubensammut/dogwalk 
Trust: 0.1
title:Follinaurl:https://github.com/abhirules27/follina 
Trust: 0.1
title:Threat Hunting Simulator Using Graylogurl:https://github.com/cadengh/threathunter 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/ernestak/cve-2022-30190 
Trust: 0.1
title:CVE-2022-30190_EXP_PowerPointurl:https://github.com/gra3s/cve-2022-30190-follina-powerpoint-version 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/derziad/cve-2022-30190 
Trust: 0.1
title:Follina-CVE-2022-30190-Sample-by-ethical-blue
Version history
Featuresurl:https://github.com/ethicalblue/follina-cve-2022-30190-sample 
Trust: 0.1
title:https://github.com/gamingwithevets/msdt-disableurl:https://github.com/gamingwithevets/msdt-disable 
Trust: 0.1
title:🩹CVE-2022-30190 Temporary Fix🩹 (Source Code)url:https://github.com/srcroqueta/cve-2022-30190_temporary_fix_source_code 
Trust: 0.1
title:msdt-follinaurl:https://github.com/iamvsm/msdt-follina 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/k508/cve-2022-30190 
Trust: 0.1
title:Windows-0-Day-Automated-fixurl:https://github.com/oymarcel/windows-0-day-automated-fix 
Trust: 0.1
title:Follina zero day office exploit patch for Windows 10url:https://github.com/hereticerik/follina-patch 
Trust: 0.1
title:FollinaScannerurl:https://github.com/errornointernet/follinascanner 
Trust: 0.1
title:MSDT Patcher, a.k.a. CVE-2022-30190-NSISurl:https://github.com/rouben/cve-2022-30190-nsis 
Trust: 0.1
title:Financial Cyber Drill 2022 - Writeupurl:https://github.com/ruefulrobin/findrill2022 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/onecloudemoji/cve-2022-30190 
Trust: 0.1
title:Five Nights at Follina's
Disclaimer
Offensive Tools
Defensive Tools
Using Example Payloadsurl:https://github.com/jeffymcjeffface/five-nights-at-follina-s 
Trust: 0.1
title:https://github.com/SilentExploitx/SilentExploiturl:https://github.com/silentexploitx/silentexploit 
Trust: 0.1
title:🩹CVE-2022-30190 Temporary Fix🩹url:https://github.com/srcroqueta/cve-2022-30190_temporary_fix 
Trust: 0.1
title:Follina - CVE-2022-30190url:https://github.com/wesyhub/cve-2022-30190---follina---poc-exploit 
Trust: 0.1
title:Rapid7_InsightVMurl:https://github.com/cm101995/rapid7_insightvm 
Trust: 0.1
title:follina-CVE-2022-30190url:https://github.com/notherealhazard/follina-cve-2022-30190 
Trust: 0.1
title:Follina Web Serverurl:https://github.com/nodeblue/follina 
Trust: 0.1
title:https://github.com/LissanKoirala/LissanKoiralaurl:https://github.com/lissankoirala/lissankoirala 
Trust: 0.1
title:msdt-follina-office-rceurl:https://github.com/zkl21hoang/msdt-follina-office-rce 
Trust: 0.1
title:CVE-2022-30190_EXP_PowerPointurl:https://github.com/gra3s/cve-2022-30190_exp_powerpoint 
Trust: 0.1
title:ProductionFollinaWorkaroundurl:https://github.com/mh4tter/productionfollinaworkaround 
Trust: 0.1
title:Follina MS-MSDT exploitation with Spring Booturl:https://github.com/dsibilio/follina-spring 
Trust: 0.1
title:Proof of Concept of the original SekiganWare Malware, source code not avaliable anymore...url:https://github.com/cryxnet/sekiganware 
Trust: 0.1
title:CVE-2022-30190url:https://github.com/hscorpion/cve-2022-30190 
Trust: 0.1
title:IMPORTANTurl:https://github.com/arozx/cve-2022-30910 
Trust: 0.1
title:NOTE
USAGEurl:https://github.com/yannikg/tsbe-cybersec-follina 
Trust: 0.1
title:Follina-CVE-2022-30190 Proof of Concept by Neeurl:https://github.com/itsnee/follina-cve-2022-30190-poc 
Trust: 0.1
title:https://github.com/thanhtranntkh/SMDT-fixurl:https://github.com/thanhtranntkh/smdt-fix 
Trust: 0.1
title:Follina-CVE-2022-30190 Proof of Concept by Neeurl:https://github.com/itsnee/folina-cve-2022-30190-poc 
Trust: 0.1
title:Follina-Remediation
This repo has been archived since Microsoft published official fixes. See https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190 for specificsurl:https://github.com/cosmo121/follina-remediation 
Trust: 0.1
title:Follina workaround (CVE-2022-30190)url:https://github.com/sentrium-security/follina-workaround-cve-2022-30190 
Trust: 0.1
title:Liens pouvant être utilesurl:https://github.com/java-printemps/.github 
Trust: 0.1
title:https://github.com/Muhammad-Ali007/Follina_MSDT_CVE-2022-30190url:https://github.com/muhammad-ali007/follina_msdt_cve-2022-30190 
Trust: 0.1
title:Symantec Threat Intelligence Blogurl:https://www.symantec.com/blogs/threat-intelligence/follina-msdt-exploit-malware
Trust: 0.1
title:Securelisturl:https://securelist.com/it-threat-evolution-in-q3-2022-non-mobile-statistics/107963/
Trust: 0.1
title:Securelisturl:https://securelist.com/it-threat-evolution-q2-2022/107099/
Trust: 0.1
title:Securelisturl:https://securelist.com/it-threat-evolution-in-q2-2022-non-mobile-statistics/107133/
Trust: 0.1
title:Threatposturl:https://threatpost.com/microsoft-patches-dogwalk-zero-day-and-17-critical-flaws/180378/
Trust: 0.1
title:Threatposturl:https://threatpost.com/fancy-bear-nuke-threat-lure/180056/
Trust: 0.1
title:Threatposturl:https://threatpost.com/follina-exploited-by-state-sponsored-hackers/179890/
Trust: 0.1
title:Securelisturl:https://securelist.com/cve-2022-30190-follina-vulnerability-in-msdt-description-and-counteraction/106703/
Trust: 0.1
title:Threatposturl:https://threatpost.com/microsoft-workaround-0day-attack/179776/
Trust: 0.1
title:The Registerurl:https://www.theregister.co.uk/2022/06/09/qbot-malware-microsoft-follina/
Trust: 0.1
title:The Registerurl:https://www.theregister.co.uk/2022/06/09/symantec-follina-microsoft/
Trust: 0.1
title:The Registerurl:https://www.theregister.co.uk/2022/06/15/microsoft_patch_tuesday/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-30190 // 
            
            
            
            JVNDB: JVNDB-2022-003352 // 
            
            
            
            CNNVD: CNNVD-202205-4277

EXTERNAL IDS
db:NVDid:CVE-2022-30190
Trust: 3.3
db:PACKETSTORMid:167438
Trust: 1.7
db:JVNDBid:JVNDB-2022-003352
Trust: 0.8
db:CS-HELPid:SB2022053005
Trust: 0.6
db:PACKETSTORMid:167313
Trust: 0.6
db:CXSECURITYid:WLB-2022060003
Trust: 0.6
db:CXSECURITYid:WLB-2022060034
Trust: 0.6
db:CNNVDid:CNNVD-202205-4277
Trust: 0.6
db:VULMONid:CVE-2022-30190
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-30190 // 
            
            
            
            JVNDB: JVNDB-2022-003352 // 
            
            
            
            CNNVD: CNNVD-202205-4277 // 
            
            
            
            NVD: CVE-2022-30190

REFERENCES
url:http://packetstormsecurity.com/files/167438/microsoft-office-word-msdtjs-code-execution.html
Trust: 2.3
url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2022-30190
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2022-30190
Trust: 0.8
url:https://www.ipa.go.jp/security/ciadr/vul/20220615-ms.html
Trust: 0.8
url:https://www.jpcert.or.jp/at/2022/at220016.html
Trust: 0.8
url:https://cxsecurity.com/issue/wlb-2022060034
Trust: 0.6
url:https://cxsecurity.com/issue/wlb-2022060003
Trust: 0.6
url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-30190
Trust: 0.6
url:https://packetstormsecurity.com/files/167313/microsoft-follina-proof-of-concept.html
Trust: 0.6
url:https://vigilance.fr/vulnerability/microsoft-office-code-execution-via-msdt-38468
Trust: 0.6
url:https://www.cybersecurity-help.cz/vdb/sb2022053005
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/610.html
Trust: 0.1
url:https://www.theregister.co.uk/2022/06/09/qbot-malware-microsoft-follina/
Trust: 0.1
url:https://threatpost.com/follina-exploited-by-state-sponsored-hackers/179890/
Trust: 0.1
url:https://github.com/ekamsinghwalia/follina-msdt-vulnerability-cve-2022-30190-
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-30190 // 
            
            
            
            JVNDB: JVNDB-2022-003352 // 
            
            
            
            CNNVD: CNNVD-202205-4277 // 
            
            
            
            NVD: CVE-2022-30190

CREDITS
crazyman</a> with Shadow Chaser Group</a>
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202205-4277

SOURCES
db:VULMONid:CVE-2022-30190
db:JVNDBid:JVNDB-2022-003352
db:CNNVDid:CNNVD-202205-4277
db:NVDid:CVE-2022-30190

LAST UPDATE DATE
2024-06-28T22:37:18.945000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2022-30190date:2023-12-20T00:00:00
db:JVNDBid:JVNDB-2022-003352date:2023-02-15T01:52:00
db:CNNVDid:CNNVD-202205-4277date:2022-06-13T00:00:00
db:NVDid:CVE-2022-30190date:2024-06-28T14:14:37.327

SOURCES RELEASE DATE
db:VULMONid:CVE-2022-30190date:2022-06-01T00:00:00
db:JVNDBid:JVNDB-2022-003352date:2023-02-15T00:00:00
db:CNNVDid:CNNVD-202205-4277date:2022-05-30T00:00:00
db:NVDid:CVE-2022-30190date:2022-06-01T20:15:07.983