IT Security

CVE-2022-21990 Remote Desktop Client Remote Code Execution Vulnerability (Zero Day)

Microsoft Zero Day

CVE-2022-21990

(proof-of-concept (PoC) exploit in the wild)

Attack vector: Network. The vulnerable component is bound to the network stack and the set of possible attackers extends beyond the other options listed, up to and including the entire Internet. Such a vulnerability is often termed ‘remotely exploitable’ and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers).

CVSS score: 8.8
Impacted Software: Microsoft RDP Client
Attack Complexity: Low
Privileges Required: No Privileges are required
User Interaction: Successful exploitation of this vulnerability requires a user to take some action before the vulnerability can be exploited.
If an attacker can lure an affected RDP client to connect to their RDP server, the attacker could trigger code execution on the targeted client (Dustin Childs, with Trend Micro’s Zero Day Initiative)
Impact: High against Confidentiality, Integrity and Availability
Exploit Code: Proof of Concept published
Remediation Level: Microsoft has provided a patch

Leave a Reply