What is the CVSS score of CVE-2022-38028?

CVE-2022-38028 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 5.0%.

Which versions of Windows are affected by CVE-2022-38028?

CVE-2022-38028 presents notable security risk rated CVSS 7.8. Exploitation could compromise the security of affected deployments.. A patch is available.

Is CVE-2022-38028 being actively exploited?

Yes, CVE-2022-38028 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active in-the-wild exploitation. Immediate patching is required.

How to fix or mitigate CVE-2022-38028?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Vendor patch is available.

Windows CVE-2022-38028

HIGH

2022-10-11 secure@microsoft.com

Windows

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 26, 2026 - 11:19 vuln.today

Added to CISA KEV

Oct 30, 2025 - 19:37 cisa

CISA KEV

Patch released

Oct 30, 2025 - 19:37 nvd

Patch available

CVE Published

Oct 11, 2022 - 19:15 nvd

HIGH 7.8

DescriptionNVD

Windows Print Spooler Elevation of Privilege Vulnerability

AnalysisAI

Windows Print Spooler allows local privilege escalation that was exploited by the Russian GRU's 'Forest Blizzard' (APT28) group using a custom tool called 'GooseEgg' for credential theft and lateral movement in government networks.

Technical ContextAI

The Print Spooler vulnerability allows a local attacker to escalate privileges through crafted interactions with the printer driver installation process. APT28's GooseEgg tool automates exploitation and post-exploitation credential extraction.

Affected ProductsAI

Microsoft Windows (Print Spooler component)

RemediationAI

Apply Microsoft security update. Disable the Print Spooler service on systems that don't require printing. Monitor for GooseEgg indicators of compromise. Implement credential guard to protect LSASS.

CVE-2022-38028 vulnerability details – vuln.today

Back

Windows CVE-2022-38028

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

Share

External POC / Exploit Code