ID

VAR-202208-0633


CVE

CVE-2022-35750


TITLE

plural  Microsoft Windows  Elevated privilege vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2022-005717

DESCRIPTION

Win32k Elevation of Privilege Vulnerability. plural Microsoft Windows The product has Win32k There is a vulnerability that elevates privileges due to a flaw in.You may be elevated. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the cdd.dll driver. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Microsoft Windows Canonical Display是美国微软(Microsoft)公司的一个为GDI图形提供渲染的支撑程序. Microsoft Windows Canonical Display Driver存在安全漏洞。以下产品和版本受到影响:Windows 10 Version 20H2 for x64-based Systems,Windows 10 Version 20H2 for 32-bit Systems,Windows 10 Version 20H2 for ARM64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 11 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for 32-bit Systems Service Pack 1,Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for 32-bit systems,Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation),Windows Server 2022 (Server Core installation),Windows Server 2022,Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 21H1 for x64-based Systems,Windows 10 Version 21H1 for ARM64-based Systems,Windows 10 Version 21H1 for 32-bit Systems

Trust: 3.42

sources: NVD: CVE-2022-35750 // JVNDB: JVNDB-2022-005717 // ZDI: ZDI-22-1075 // ZDI: ZDI-22-1069 // CNNVD: CNNVD-202208-2533

AFFECTED PRODUCTS

vendor:microsoftmodel:windowsscope: - version: -

Trust: 1.4

vendor:microsoftmodel:windows 10 1607scope:ltversion:10.0.14393.5291

Trust: 1.0

vendor:microsoftmodel:windows 7scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2022scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10 1809scope:ltversion:10.0.17763.3287

Trust: 1.0

vendor:microsoftmodel:windows server 20h2scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 11 21h2scope:ltversion:10.0.22000.856

Trust: 1.0

vendor:microsoftmodel:windows 8.1scope:ltversion:6.3.9600.20520

Trust: 1.0

vendor:microsoftmodel:windows rt 8.1scope:ltversion:6.3.9600.20520

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 1.0

vendor:microsoftmodel:windows 10 1507scope:ltversion:10.0.10240.19387

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion:r2

Trust: 1.0

vendor:microsoftmodel:windows server 2019scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10 20h2scope:ltversion:10.0.19042.1889

Trust: 1.0

vendor:microsoftmodel:windows 10 21h1scope:ltversion:10.0.19043.1889

Trust: 1.0

vendor:マイクロソフトmodel:microsoft windows server 2016scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 r2 for x64-based systems sp1

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2008scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:20h2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 r2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2022 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for 32-bit systems sp2

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2022scope:eqversion: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 r2 for x64-based systems sp1 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 7scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for x64-based systems sp2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 r2

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2012scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2016 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 8.1scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2022scope:eqversion:(server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2019 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for 32-bit systems sp2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2019scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2022

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 10scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows rt 8.1scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2019

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2016

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for x64-based systems sp2

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 11scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 (server core installation)

Trust: 0.8

sources: ZDI: ZDI-22-1075 // ZDI: ZDI-22-1069 // JVNDB: JVNDB-2022-005717 // NVD: CVE-2022-35750

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2022-35750
value: HIGH

Trust: 1.4

secure@microsoft.com: CVE-2022-35750
value: HIGH

Trust: 1.0

OTHER: JVNDB-2022-005717
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202208-2533
value: HIGH

Trust: 0.6

ZDI: CVE-2022-35750
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.0
impactScore: 6.0
version: 3.0

Trust: 1.4

secure@microsoft.com:
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2022-005717
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: ZDI: ZDI-22-1075 // ZDI: ZDI-22-1069 // JVNDB: JVNDB-2022-005717 // NVD: CVE-2022-35750 // CNNVD: CNNVD-202208-2533

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-005717 // NVD: CVE-2022-35750

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2533

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2533

CONFIGURATIONS

sources: NVD: CVE-2022-35750

PATCH

title:Microsoft has issued an update to correct this vulnerability.url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-35750

Trust: 1.4

title:Win32k Elevation of Privilege Vulnerability Security Update Guideurl:https://msrc.microsoft.com/update-guide/en-us/vulnerability/cve-2022-35750

Trust: 0.8

title:Microsoft Windows Canonical Display Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=239743

Trust: 0.6

title:Securelisturl:https://securelist.com/it-threat-evolution-in-q3-2022-non-mobile-statistics/107963/

Trust: 0.1

sources: ZDI: ZDI-22-1075 // ZDI: ZDI-22-1069 // VULMON: CVE-2022-35750 // JVNDB: JVNDB-2022-005717 // CNNVD: CNNVD-202208-2533

EXTERNAL IDS

db:NVDid:CVE-2022-35750

Trust: 4.7

db:JVNDBid:JVNDB-2022-005717

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-17679

Trust: 0.7

db:ZDIid:ZDI-22-1075

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-17441

Trust: 0.7

db:ZDIid:ZDI-22-1069

Trust: 0.7

db:CNNVDid:CNNVD-202208-2533

Trust: 0.6

db:VULMONid:CVE-2022-35750

Trust: 0.1

sources: ZDI: ZDI-22-1075 // ZDI: ZDI-22-1069 // VULMON: CVE-2022-35750 // JVNDB: JVNDB-2022-005717 // NVD: CVE-2022-35750 // CNNVD: CNNVD-202208-2533

REFERENCES

url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-35750

Trust: 3.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-35750

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20220810-ms.html

Trust: 0.8

url:https://www.jpcert.or.jp/at/2022/at220021.html

Trust: 0.8

url:https://vigilance.fr/vulnerability/microsoft-windows-vulnerabilities-of-august-2022-39030

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-35750/

Trust: 0.6

url:https://securelist.com/it-threat-evolution-in-q3-2022-non-mobile-statistics/107963/

Trust: 0.1

sources: ZDI: ZDI-22-1075 // ZDI: ZDI-22-1069 // VULMON: CVE-2022-35750 // JVNDB: JVNDB-2022-005717 // NVD: CVE-2022-35750 // CNNVD: CNNVD-202208-2533

CREDITS

Marcin Wiazowski

Trust: 1.4

sources: ZDI: ZDI-22-1075 // ZDI: ZDI-22-1069

SOURCES

db:ZDIid:ZDI-22-1075
db:ZDIid:ZDI-22-1069
db:VULMONid:CVE-2022-35750
db:JVNDBid:JVNDB-2022-005717
db:NVDid:CVE-2022-35750
db:CNNVDid:CNNVD-202208-2533

LAST UPDATE DATE

2023-12-18T13:00:39.657000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-1075date:2022-08-18T00:00:00
db:ZDIid:ZDI-22-1069date:2022-08-18T00:00:00
db:JVNDBid:JVNDB-2022-005717date:2023-06-09T04:50:00
db:NVDid:CVE-2022-35750date:2023-06-07T20:54:17.420
db:CNNVDid:CNNVD-202208-2533date:2023-06-08T00:00:00

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-1075date:2022-08-18T00:00:00
db:ZDIid:ZDI-22-1069date:2022-08-18T00:00:00
db:JVNDBid:JVNDB-2022-005717date:2023-06-09T00:00:00
db:NVDid:CVE-2022-35750date:2023-05-31T19:15:16.677
db:CNNVDid:CNNVD-202208-2533date:2022-08-09T00:00:00