Skip to main content

Windows 10 CVE-2022-29137

HIGH
2022-05-10 secure@microsoft.com
8.8
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 10, 2022 - 21:15 cve.org
HIGH 8.8

DescriptionCVE.org

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

AnalysisAI

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Affected products include: Microsoft Windows 10, Microsoft Windows 11, Microsoft Windows 7, Microsoft Windows 8.1, Microsoft Windows Rt 8.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2016-3236 CRITICAL POC
9.8 Jun 16

The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and

CVE-2015-6132 HIGH POC
7.2 Dec 09

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2

CVE-2016-0170 HIGH POC
8.8 May 11

GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012

CVE-2016-3213 HIGH POC
8.8 Jun 16

The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and

CVE-2016-0145 HIGH POC
8.8 Apr 12

The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows

CVE-2016-0041 HIGH POC
7.8 Feb 10

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold an

CVE-2015-6133 HIGH POC
7.2 Dec 09

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511

CVE-2017-8682 HIGH POC
8.8 Sep 13

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold a

CVE-2017-0038 MEDIUM POC
5.5 Feb 20

gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows

CVE-2016-0015 HIGH POC
7.8 Jan 13

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Wi

CVE-2016-0168 MEDIUM POC
6.5 May 11

GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012

CVE-2015-2459 CRITICAL POC
9.3 Aug 15

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,

Share

CVE-2022-29137 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy