CVE-2022-30190
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
CVSS
—
Sin CVSS
EPSS
99.4%
p100
KEV
SÍ
14 jun 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Microsoft / Windows
Vulnerabilidad
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Añadido a KEV
14 jun 2022
Remediar antes de
5 jul 2022
Uso conocido en ransomware
Sí
Descripción resumida
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2022-30190