Lucene search
HistoryNov 09, 2022 - 10:15 p.m.
CVE-2022-41088
cve-2022-41088
windows
point-to-point
tunneling protocol
remote code execution
vulnerability
nvd
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.005
Percentile
76.1%
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Affected configurations
Node
microsoftwindows_10_1809Match10.0.17763.3650
Node
microsoftwindows_server_2019Match10.0.17763.3650
Node
microsoftwindows_server_2019Match10.0.17763.3650
Node
microsoftwindows_10_21h1Match10.0.19043.2251
Node
microsoftwindows_server_2022Match10.0.20348.1249
microsoftwindows_server_2022Match10.0.20348.1249
Node
microsoftwindows_10_20h2Match10.0.19042.2251
Node
microsoftwindows_11_21h2Match10.0.22000.1219
Node
microsoftwindows_10_21h2Match10.0.19044.2251
Node
microsoftwindows_11_22h2Match10.0.22621.819
Node
microsoftwindows_10_22h2Match10.0.19045.2251
Node
microsoftwindows_10_1507Match10.0.10240.19567
Node
microsoftwindows_10_1607Match10.0.14393.5501
Node
microsoftwindows_server_2016Match10.0.14393.5501
Node
microsoftwindows_server_2016Match10.0.14393.5501
Node
microsoftwindows_8.1Match8.1
microsoftwindows_8.1Match8.1
Node
microsoftwindows_server_2012Match6.2.9200.23968
Node
microsoftwindows_server_2012Match6.2.9200.23968
Node
microsoftwindows_server_2012Match6.3.9600.20671r2
microsoftwindows_server_2012Match6.3.9600.20671r2
Node
microsoftwindows_server_2012Match6.3.9600.20671r2
microsoftwindows_server_2012Match6.3.9600.20671r2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10_1809 | * | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2019 | * | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2019 | * | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
| microsoft | windows_10_21h1 | * | cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2022 | * | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2022 | * | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
| microsoft | windows_10_20h2 | * | cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_10_21h2 | * | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_22h2 | * | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1809",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3650:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3650:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3650:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.3650",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3650:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.3650",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3650:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.3650",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 21H1",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.2251:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.2251:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.2251:*:*:*:*:*:x86:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19043.2251",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2022",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1249:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1251:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.20348.1249",
"versionType": "custom",
"status": "affected"
},
{
"version": "10.0.0",
"lessThan": "10.0.20348.1251",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 20H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.2251:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.2251:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19042.2251",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1219:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1219:*:*:*:*:*:arm64:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22000.1219",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2251:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2251:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2251:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19044.2251",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 22H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.819:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.819:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22621.819",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 22H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2251:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2251:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2251:*:*:*:*:*:x86:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19045.2251",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1507",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19567:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19567:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.10240.19567",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1607",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5501:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5501:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.5501",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5501:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.5501",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5501:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.5501",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 8.1",
"cpes": [
"cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20671:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20670:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20671:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20670:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20670:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.20671",
"versionType": "custom",
"status": "affected"
},
{
"version": "6.3.0",
"lessThan": "6.3.9600.20670",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23968:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.23968",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23968:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.23968",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20671:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20670:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.20671",
"versionType": "custom",
"status": "affected"
},
{
"version": "6.3.0",
"lessThan": "6.3.9600.20670",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20671:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20670:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.20671",
"versionType": "custom",
"status": "affected"
},
{
"version": "6.3.0",
"lessThan": "6.3.9600.20670",
"versionType": "custom",
"status": "affected"
}
]
}
]Social References
More
Related
mscve
mscve
vulnrichment
vulnrichment
nvd
nvd
CVE-2022-41088
2022-11-09 22:15:21
cvelist
cvelist
prion
prion
Remote code execution
2022-11-09 22:15:00
talosblog
talosblog
thn
thn
qualysblog
qualysblog
nessus
nessus
KB5020003: Windows Server 2012 Security Update (November 2022)
2022-11-08 00:00:00
KB5020010: Windows 8.1 and Windows Server 2012 R2 Security Update (November 2022)
2022-11-08 00:00:00
KB5019970: Windows 10 LTS 1507 Security Update (November 2022)
2022-11-08 00:00:00
mskb
mskb
November 8, 2022âKB5020003 (Security-only update)
2023-01-26 08:00:00
November 8, 2022âKB5020009 (Monthly Rollup)
2023-01-26 08:00:00
November 8, 2022âKB5020010 (Security-only update)
2023-01-26 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5020023)
2022-11-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5019970)
2022-11-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5019959)
2022-11-09 00:00:00
kaspersky
kaspersky
KLA20045 Multiple vulnerabilities in Microsoft Products (ESU)
2022-11-08 00:00:00
KLA20047 Multiple vulnerabilities in Microsoft Windows
2022-11-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2022
2022-11-08 20:02:57
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.005
Percentile
76.1%
Related for CVE-2022-41088