5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.4%
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, spoof user interface.
Below is a complete list of vulnerabilities:
CVE-2022-1143 critical
CVE-2022-1133 critical
CVE-2022-1134 critical
CVE-2022-1138 high
CVE-2022-1136 critical
CVE-2022-1127 critical
CVE-2022-1135 critical
CVE-2022-1129 high
CVE-2022-1139 high
CVE-2022-1137 high
CVE-2022-1130 critical
CVE-2022-1128 high
CVE-2022-1125 critical
CVE-2022-1146 high
CVE-2022-1145 critical
CVE-2022-1131 critical
CVE-2022-26894 critical
CVE-2022-26891 critical
CVE-2022-26908 critical
CVE-2022-26912 critical
CVE-2022-24523 warning
CVE-2022-26895 critical
CVE-2022-26900 critical
CVE-2022-24475 critical
CVE-2022-26909 critical
Install necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option)
Microsoft Edge update settings
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1125
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1127
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1128
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1129
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1130
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1131
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1133
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1134
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1135
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1136
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1137
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1138
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1139
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1143
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1145
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1146
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24475
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24523
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26891
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26894
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26895
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26900
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26908
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26909
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26912
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Edge/
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.4%