Details of VAR-202208-0759

ID

VAR-202208-0759

CVE

CVE-2022-35751

TITLE

plural Microsoft Windows Elevated privilege vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2022-005718

DESCRIPTION

Windows Hyper-V Elevation of Privilege Vulnerability. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the vhdmp.sys driver. The issue results from improper authorization logic when accessing VHD files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Microsoft Windows Hyper-V是美国微软（Microsoft）公司的一个应用程序。一种系统管理程序虚拟化技术，能够实现桌面虚拟化. Microsoft Windows Hyper-V 存在安全漏洞。以下产品和版本受到影响：Windows 10 Version 21H1 for x64-based Systems,Windows Server 2022,Windows Server 2022 (Server Core installation),Windows 10 Version 20H2 for x64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for x64-based Systems,Windows 10 Version 1809 for x64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for x64-based systems,Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation)

Trust: 2.88

sources: NVD: CVE-2022-35751 // JVNDB: JVNDB-2022-005718 // ZDI: ZDI-22-1070 // CNNVD: CNNVD-202208-2537 // VULMON: CVE-2022-35751

AFFECTED PRODUCTS

vendor:	microsoft	model:	windows 10 1607	scope:	lt	version:	10.0.14393.5291	Trust: 1.0
vendor:	microsoft	model:	windows 7	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows server 2022	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows server 2012	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows 10 1809	scope:	lt	version:	10.0.17763.3287	Trust: 1.0
vendor:	microsoft	model:	windows server 20h2	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows 8.1	scope:	lt	version:	6.3.9600.20520	Trust: 1.0
vendor:	microsoft	model:	windows rt 8.1	scope:	lt	version:	6.3.9600.20520	Trust: 1.0
vendor:	microsoft	model:	windows server 2008	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows server 2012	scope:	eq	version:	r2	Trust: 1.0
vendor:	microsoft	model:	windows 10 1507	scope:	lt	version:	10.0.10240.19387	Trust: 1.0
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows server 2008	scope:	eq	version:	r2	Trust: 1.0
vendor:	microsoft	model:	windows server 2019	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows 10 20h2	scope:	lt	version:	10.0.19042.1889	Trust: 1.0
vendor:	microsoft	model:	windows 11 21h2	scope:	lt	version:	10.0.22000.856	Trust: 1.0
vendor:	microsoft	model:	windows 10 21h2	scope:	lt	version:	10.0.22000.856	Trust: 1.0
vendor:	マイクロソフト	model:	microsoft windows server 2016	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 r2 for x64-based systems sp1	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2008	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	20h2 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2012 r2 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2022 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2022	scope:	eq	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 r2 for x64-based systems sp1 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows 7	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 for x64-based systems sp2 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2012 r2	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2012	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2016 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows 8.1	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2022	scope:	eq	version:	(server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2019 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2019	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2022	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows 10	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2019	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2016	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 for x64-based systems sp2	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2012	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows 11	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2012 (server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-22-1070 // JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@microsoft.com:	CVE-2022-35751
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2022-005718
value:	HIGH
Trust: 0.8
ZDI:	CVE-2022-35751
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-202208-2537
value:	HIGH
Trust: 0.6

secure@microsoft.com:
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.1
impactScore:	6.0
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2022-005718
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2022-35751
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.0
impactScore:	6.0
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-22-1070 // JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751 // CNNVD: CNNVD-202208-2537

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2537

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2537

CONFIGURATIONS

sources: NVD: CVE-2022-35751

PATCH

title:	Windows Hyper-V Elevation of Privilege Vulnerability Security Update Guide	url:	https://msrc.microsoft.com/update-guide/en-us/vulnerability/cve-2022-35751	Trust: 0.8
title:	Microsoft has issued an update to correct this vulnerability.	url:	https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-35751	Trust: 0.7
title:	Microsoft Windows Hyper-V Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqbyid.tag?id=239747	Trust: 0.6

sources: ZDI: ZDI-22-1070 // JVNDB: JVNDB-2022-005718 // CNNVD: CNNVD-202208-2537

EXTERNAL IDS

db:	NVD	id:	CVE-2022-35751	Trust: 4.0
db:	JVNDB	id:	JVNDB-2022-005718	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-17429	Trust: 0.7
db:	ZDI	id:	ZDI-22-1070	Trust: 0.7
db:	CNNVD	id:	CNNVD-202208-2537	Trust: 0.6
db:	VULMON	id:	CVE-2022-35751	Trust: 0.1

sources: ZDI: ZDI-22-1070 // VULMON: CVE-2022-35751 // JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751 // CNNVD: CNNVD-202208-2537

REFERENCES

url:	https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-35751	Trust: 3.0
url:	https://nvd.nist.gov/vuln/detail/cve-2022-35751	Trust: 0.8
url:	https://www.ipa.go.jp/security/ciadr/vul/20220810-ms.html	Trust: 0.8
url:	https://www.jpcert.or.jp/at/2022/at220021.html	Trust: 0.8
url:	https://vigilance.fr/vulnerability/microsoft-windows-vulnerabilities-of-august-2022-39030	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-35751/	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: ZDI: ZDI-22-1070 // VULMON: CVE-2022-35751 // JVNDB: JVNDB-2022-005718 // NVD: CVE-2022-35751 // CNNVD: CNNVD-202208-2537

CREDITS

Phan Thanh Duy (@PTDuy), Le Huu Quang Linh (@linhlhq) of STAR Labs

Trust: 0.7

sources: ZDI: ZDI-22-1070

SOURCES

db:	ZDI	id:	ZDI-22-1070
db:	VULMON	id:	CVE-2022-35751
db:	JVNDB	id:	JVNDB-2022-005718
db:	NVD	id:	CVE-2022-35751
db:	CNNVD	id:	CNNVD-202208-2537

LAST UPDATE DATE

2023-12-18T13:00:39.508000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-22-1070	date:	2022-08-18T00:00:00
db:	VULMON	id:	CVE-2022-35751	date:	2023-06-01T00:00:00
db:	JVNDB	id:	JVNDB-2022-005718	date:	2023-06-09T04:52:00
db:	NVD	id:	CVE-2022-35751	date:	2023-06-07T21:08:04.577
db:	CNNVD	id:	CNNVD-202208-2537	date:	2023-06-08T00:00:00

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-22-1070	date:	2022-08-18T00:00:00
db:	VULMON	id:	CVE-2022-35751	date:	2023-05-31T00:00:00
db:	JVNDB	id:	JVNDB-2022-005718	date:	2023-06-09T00:00:00
db:	NVD	id:	CVE-2022-35751	date:	2023-05-31T19:15:16.747
db:	CNNVD	id:	CNNVD-202208-2537	date:	2022-08-09T00:00:00