Severity by source
Primary rating from NVD.
CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description (CVE.org)
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.
Analysis (AI)
Remote code execution in Microsoft SQL Server 2022 (GDR) allows authenticated network attackers to execute arbitrary code with high confidentiality, integrity, and availability impact via untrusted pointer dereference. The vulnerability affects SQL Server 2022 (GDR) versions below 16.0.1175.1, requires low-privilege authenticated access (PR:L), and has low attack complexity (AC:L), making it straightforward to exploit once network access is obtained. …
Attack Chain (AI-derived)
Hypothetical attack flow derived from CVE metadata
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Requires authenticated network access to Microsoft SQL Server with valid user credentials. … |
| Risk Assessment | Real-world risk is significant but requires specific preconditions. … |
| Exploit Scenario | An attacker who has compromised low-privilege SQL Server credentials (through phishing, password spraying, or exploiting a separate web application vulnerability) connects to the SQL Server 2022 instance over the network. The attacker crafts malicious SQL queries or TDS protocol messages containing specially formatted data that triggers the untrusted pointer dereference vulnerability during server-side processing. … |
| Remediation | Apply the vendor-released patch by upgrading Microsoft SQL Server 2022 (GDR) to version 16.0.1175.1 or later, available through the Microsoft Security Response Center update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33120. … |
Recommended Action (AI)
Within 24 hours: Identify all SQL Server 2022 (GDR) instances below version 16.0.1175.1 in production and non-production environments using asset management or vulnerability scanning tools. …
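The inventory step above can be scripted once you have each instance's product version (on the server, `SELECT SERVERPROPERTY('ProductVersion')` returns it). The following is an added example, not code from the page, from vuln.today, or from Microsoft: it compares collected version strings against the fixed build the page names, 16.0.1175.1 for SQL Server 2022 (GDR). Two assumptions are built in and labelled: the inventory is constructed sample data, and builds on the Cumulative Update servicing branch (assumed to be the 16.0.4xxx range, as opposed to the 16.0.1xxx GDR range) are reported as "not-assessed" rather than compared against a GDR build number, because the page only states the GDR fix version.

```python
"""Triage a SQL Server inventory against the SQL Server 2022 (GDR) fix build.

Added example; not part of the original page. Assumptions:
- version strings are in SERVERPROPERTY('ProductVersion') form, e.g. '16.0.1135.2';
- the GDR branch of SQL Server 2022 is 16.0.1xxx and the CU branch is 16.0.4xxx
  (assumption used to avoid comparing CU builds against a GDR build number);
- the inventory below is constructed sample data, not real hosts.
"""

# Fixed build stated on the page for SQL Server 2022 (GDR).
FIXED_GDR_BUILD = (16, 0, 1175, 1)

# Assumed boundary between GDR (16.0.1xxx) and CU (16.0.4xxx) servicing branches.
CU_BRANCH_BUILD_MIN = 4000


def parse_version(product_version: str) -> tuple[int, int, int, int]:
    """Turn '16.0.1135.2' into (16, 0, 1135, 2); reject anything else."""
    parts = product_version.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected ProductVersion format: {product_version!r}")
    major, minor, build, revision = (int(p) for p in parts)
    return (major, minor, build, revision)


def assess(product_version: str) -> str:
    """Classify one instance as 'vulnerable', 'patched' or 'not-assessed'.

    'not-assessed' means the page's stated fix version does not apply to this
    build (a different SQL Server version, or the CU branch), so the instance
    needs a separate check rather than being silently treated as safe.
    """
    version = parse_version(product_version)
    if version[0] != 16:
        return "not-assessed"  # not SQL Server 2022
    if version[2] >= CU_BRANCH_BUILD_MIN:
        return "not-assessed"  # CU branch (assumption); GDR build number does not apply
    return "vulnerable" if version < FIXED_GDR_BUILD else "patched"


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Group instance names by status, sorted so the output is stable."""
    groups: dict[str, list[str]] = {"vulnerable": [], "patched": [], "not-assessed": []}
    for host, product_version in inventory.items():
        groups[assess(product_version)].append(host)
    for names in groups.values():
        names.sort()
    return groups


# Constructed sample inventory (host name -> ProductVersion); not real systems.
SAMPLE_INVENTORY = {
    "sql22-prod-01": "16.0.1135.2",  # 2022 GDR below the fix build
    "sql22-prod-02": "16.0.1175.1",  # 2022 GDR at the fix build
    "sql22-dev-01": "16.0.1000.6",   # 2022 RTM, never serviced
    "sql22-cu-01": "16.0.4175.1",    # 2022 CU branch (assumption: 16.0.4xxx)
    "sql19-legacy": "15.0.4395.2",   # SQL Server 2019, outside this page's scope
}


if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:13s} {', '.join(hosts) or '-'}")
```

The "not-assessed" bucket is deliberate: a naive numeric comparison would call a 16.0.4175 CU build "patched" because 4175 is larger than 1175, even though the page gives no fix build for that branch. Keep those hosts on the worklist until the vendor advisory for their branch has been checked.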
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.
SQL injection in Microsoft SQL Server 2016-2025 allows authenticated high-privilege attackers to elevate privileges loca
Same weakness CWE-822 – Untrusted Pointer Dereference
Same technique Information Disclosure
EUVD-2026-22637