CVE-2022-38028
CVSS v3.1
7.8 (High)
EPSS
0.05 % (21th)
Affected Products
13
Advisories
2
NVD Status
Analyzed
Windows Print Spooler Elevation of Privilege Vulnerability
Weaknesses
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- Microsoft Corporation
- Published Date
-
2022-10-11 19:15:15
(23 months ago) - Updated Date
-
2024-09-11 01:00:01
(8 days ago)
Microsoft Windows Print Spooler Privilege Escalation Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description
- Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions.
- Required Action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Known to be Used in Ransomware Campaigns
- Unknown
- Notes
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38028; https://nvd.nist.gov/vuln/detail/CVE-2022-38028
- Vendor
- Microsoft
- Product
- Windows
- In CISA Catalog from
-
2024-04-23
(4 months ago) - Due Date
-
2024-05-14
(4 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...