ID

VAR-202208-0759


CVE

CVE-2022-35751


TITLE

plural  Microsoft Windows  Elevated privilege vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2022-005718

DESCRIPTION

Windows Hyper-V Elevation of Privilege Vulnerability. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the vhdmp.sys driver. The issue results from improper authorization logic when accessing VHD files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Microsoft Windows Hyper-V是美国微软(Microsoft)公司的一个应用程序。一种系统管理程序虚拟化技术,能够实现桌面虚拟化. Microsoft Windows Hyper-V 存在安全漏洞。以下产品和版本受到影响:Windows 10 Version 21H1 for x64-based Systems,Windows Server 2022,Windows Server 2022 (Server Core installation),Windows 10 Version 20H2 for x64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for x64-based Systems,Windows 10 Version 1809 for x64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for x64-based systems,Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation)

Trust: 2.88

sources: NVD: CVE-2022-35751 // JVNDB: JVNDB-2022-005718 // ZDI: ZDI-22-1070 // CNNVD: CNNVD-202208-2537 // VULMON: CVE-2022-35751

AFFECTED PRODUCTS

vendor:microsoftmodel:windows 10 1607scope:ltversion:10.0.14393.5291

Trust: 1.0

vendor:microsoftmodel:windows 7scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2022scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10 1809scope:ltversion:10.0.17763.3287

Trust: 1.0

vendor:microsoftmodel:windows server 20h2scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 8.1scope:ltversion:6.3.9600.20520

Trust: 1.0

vendor:microsoftmodel:windows rt 8.1scope:ltversion:6.3.9600.20520

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 1.0

vendor:microsoftmodel:windows 10 1507scope:ltversion:10.0.10240.19387

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion:r2

Trust: 1.0

vendor:microsoftmodel:windows server 2019scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10 20h2scope:ltversion:10.0.19042.1889

Trust: 1.0

vendor:microsoftmodel:windows 11 21h2scope:ltversion:10.0.22000.856

Trust: 1.0

vendor:microsoftmodel:windows 10 21h2scope:ltversion:10.0.22000.856

Trust: 1.0

vendor:マイクロソフトmodel:microsoft windows server 2016scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 r2 for x64-based systems sp1

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2008scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:20h2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 r2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2022 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2022scope:eqversion: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 r2 for x64-based systems sp1 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 7scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for x64-based systems sp2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 r2

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2012scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2016 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 8.1scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2022scope:eqversion:(server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2019 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2019scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2022

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 10scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2019

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2016

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for x64-based systems sp2

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 11scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 (server core installation)

Trust: 0.8

vendor:microsoftmodel:windowsscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-22-1070 // JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@microsoft.com: CVE-2022-35751
value: HIGH

Trust: 1.0

OTHER: JVNDB-2022-005718
value: HIGH

Trust: 0.8

ZDI: CVE-2022-35751
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202208-2537
value: HIGH

Trust: 0.6

secure@microsoft.com:
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.1
impactScore: 6.0
version: 3.1

Trust: 1.0

OTHER: JVNDB-2022-005718
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2022-35751
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.0
impactScore: 6.0
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-1070 // JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751 // CNNVD: CNNVD-202208-2537

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2537

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2537

CONFIGURATIONS

sources: NVD: CVE-2022-35751

PATCH

title:Windows Hyper-V Elevation of Privilege Vulnerability Security Update Guideurl:https://msrc.microsoft.com/update-guide/en-us/vulnerability/cve-2022-35751

Trust: 0.8

title:Microsoft has issued an update to correct this vulnerability.url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-35751

Trust: 0.7

title:Microsoft Windows Hyper-V Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=239747

Trust: 0.6

sources: ZDI: ZDI-22-1070 // JVNDB: JVNDB-2022-005718 // CNNVD: CNNVD-202208-2537

EXTERNAL IDS

db:NVDid:CVE-2022-35751

Trust: 4.0

db:JVNDBid:JVNDB-2022-005718

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-17429

Trust: 0.7

db:ZDIid:ZDI-22-1070

Trust: 0.7

db:CNNVDid:CNNVD-202208-2537

Trust: 0.6

db:VULMONid:CVE-2022-35751

Trust: 0.1

sources: ZDI: ZDI-22-1070 // VULMON: CVE-2022-35751 // JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751 // CNNVD: CNNVD-202208-2537

REFERENCES

url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-35751

Trust: 3.0

url:https://nvd.nist.gov/vuln/detail/cve-2022-35751

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20220810-ms.html

Trust: 0.8

url:https://www.jpcert.or.jp/at/2022/at220021.html

Trust: 0.8

url:https://vigilance.fr/vulnerability/microsoft-windows-vulnerabilities-of-august-2022-39030

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-35751/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-22-1070 // VULMON: CVE-2022-35751 // JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751 // CNNVD: CNNVD-202208-2537

CREDITS

Phan Thanh Duy (@PTDuy), Le Huu Quang Linh (@linhlhq) of STAR Labs

Trust: 0.7

sources: ZDI: ZDI-22-1070

SOURCES

db:ZDIid:ZDI-22-1070
db:VULMONid:CVE-2022-35751
db:JVNDBid:JVNDB-2022-005718
db:NVDid:CVE-2022-35751
db:CNNVDid:CNNVD-202208-2537

LAST UPDATE DATE

2023-12-18T13:00:39.508000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-1070date:2022-08-18T00:00:00
db:VULMONid:CVE-2022-35751date:2023-06-01T00:00:00
db:JVNDBid:JVNDB-2022-005718date:2023-06-09T04:52:00
db:NVDid:CVE-2022-35751date:2023-06-07T21:08:04.577
db:CNNVDid:CNNVD-202208-2537date:2023-06-08T00:00:00

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-1070date:2022-08-18T00:00:00
db:VULMONid:CVE-2022-35751date:2023-05-31T00:00:00
db:JVNDBid:JVNDB-2022-005718date:2023-06-09T00:00:00
db:NVDid:CVE-2022-35751date:2023-05-31T19:15:16.747
db:CNNVDid:CNNVD-202208-2537date:2022-08-09T00:00:00