Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA12568
HistoryJun 14, 2022 - 12:00 a.m.

KLA12568 Multiple vulnerabilities in Microsoft Products (ESU)

2022-06-1400:00:00
Kaspersky Lab
threats.kaspersky.com
25

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%

JSON

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
  2. Information disclosure vulnerability in microarchitectural fill buffers on some Intel Processors can be exploited to obtain sensitive information.
  3. An elevation of privilege vulnerability in Windows Advanced Local Procedure Call can be exploited remotely to gain privileges.
  4. Information disclosure vulnerability in multi-core shared buffers for some Intel Processors can be exploited to obtain sensitive information.
  5. Information disclosure vulnerability in specific special register write operations for some Intel Processors can be exploited to obtain sensitive information.
  6. A remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to execute arbitrary code.
  7. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
  8. A remote code execution vulnerability in Windows File History can be exploited remotely to execute arbitrary code.
  9. Information disclosure vulnerability in specific special register read operations for some Intel Processors can be exploited to obtain sensitive information.
  10. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
  11. An elevation of privilege vulnerability in Local Security Authority Subsystem Service can be exploited remotely to gain privileges.
  12. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
  13. A denial of service vulnerability in Windows Kernel can be exploited remotely to cause denial of service.
  14. An elevation of privilege vulnerability in Windows Media Center can be exploited remotely to gain privileges.
  15. A remote code execution vulnerability in Windows iSCSI Discovery Service can be exploited remotely to execute arbitrary code.

Original advisories

CVE-2022-30152

CVE-2022-21125

CVE-2022-30160

CVE-2022-21123

CVE-2022-21166

CVE-2022-30149

CVE-2022-30151

CVE-2022-30142

CVE-2022-30161

CVE-2022-30146

CVE-2022-21127

CVE-2022-30147

CVE-2022-30166

CVE-2022-30141

CVE-2022-30163

CVE-2022-30155

CVE-2022-30135

CVE-2022-30153

CVE-2022-30143

CVE-2022-30140

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-7

Microsoft-Windows-Server-2008

CVE list

CVE-2022-30152 critical

CVE-2022-21125 high

CVE-2022-30160 critical

CVE-2022-21123 high

CVE-2022-21166 high

CVE-2022-30149 critical

CVE-2022-30151 high

CVE-2022-30142 critical

CVE-2022-30161 critical

CVE-2022-30146 critical

CVE-2022-21127 high

CVE-2022-30147 critical

CVE-2022-30166 critical

CVE-2022-30141 critical

CVE-2022-30163 critical

CVE-2022-30155 high

CVE-2022-30135 critical

CVE-2022-30153 critical

CVE-2022-30143 critical

CVE-2022-30140 critical

KB list

5014742

5014748

5014752

5014743

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows 7 for 32-bit Systems Service Pack 1Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows 7 for x64-based Systems Service Pack 1Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

References

Related

openvas 18
mskb 15
nessus 44
mscve 14
oraclelinux 11
mageia 2
avleonov 1
intel 1
hp 1
kaspersky 1
malwarebytes 1
citrix 1
xen 1
vmware 1
almalinux 2
rocky 3
osv 9
ubuntu 4
redhat 9
fedora 3
f5 1
debian 1
ibm 1
centos 1
nvd 11
thn 1
cvelist 13
prion 13
cve 12
rapid7blog 1
checkpoint_advisories 2
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5014748)
2022-06-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5014710)
2022-06-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5014738)
2022-06-15 00:00:00
mskb
mskb
June 14, 2022—KB5014748 (Monthly Rollup)
2022-06-14 07:00:00
June 14, 2022—KB5014743 (Security-only update)
2022-06-14 07:00:00
June 14, 2022—KB5014752 (Monthly Rollup)
2022-06-14 07:00:00
nessus
nessus
KB5014742: Windows 7 and Windows Server 2008 R2 Security Update (June 2022)
2022-06-14 00:00:00
KB5014743: Windows Server 2008 Security Update (June 2022)
2022-06-14 00:00:00
KB5014741: Windows Server 2012 Security Update (June 2022)
2022-06-14 00:00:00
mscve
mscve
Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities
2022-06-14 07:00:00
Windows Kernel Denial of Service Vulnerability
2022-06-14 07:00:00
Windows Media Center Elevation of Privilege Vulnerability
2022-06-14 07:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2022-06-14 00:00:00
microcode_ctl security update
2022-06-23 00:00:00
microcode_ctl security update
2022-06-15 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2022-06-29 19:18:17
Updated kernel packages fix security vulnerabilities
2022-06-29 19:18:17
avleonov
avleonov
Microsoft Patch Tuesday June 2022: Follina RCE, NFSV4.1 RCE, LDAP RCEs and bad patches
2022-06-25 12:32:07
intel
intel
Intel® Processors MMIO Stale Data Advisory
2022-10-19 00:00:00
hp
hp
Intel® Processors June 2022 Security Update
2022-06-14 00:00:00
kaspersky
kaspersky
KLA12569 Multiple vulnerabilities in Microsoft Windows
2022-06-14 00:00:00
malwarebytes
malwarebytes
Intel CPU vulnerabilities fixed. But should you update?
2023-03-06 07:00:00
citrix
citrix
Citrix Hypervisor Security Update
2022-06-23 20:06:39
xen
xen
x86: MMIO Stale Data vulnerabilities
2022-06-14 18:21:00
vmware
vmware
VMware ESXi addresses DirectPath I/O (PCI-Passthrough) Information Leak vulnerabilities (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166)
2022-06-14 00:00:00
almalinux
almalinux
Moderate: kernel security, bug fix, and enhancement update
2022-09-13 00:00:00
Moderate: kernel-rt security and bug fix update
2022-09-13 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2022-09-13 07:36:33
kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
microcode_ctl bug fix and enhancement update
2022-11-02 13:51:49
osv
osv
Moderate: kernel-rt security and bug fix update
2022-09-13 00:00:00
intel-microcode - security update
2022-07-06 00:00:00
Moderate: kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2022-07-01 00:00:00
Linux kernel vulnerabilities
2022-06-17 00:00:00
Linux kernel vulnerabilities
2022-06-16 00:00:00
redhat
redhat
(RHSA-2022:6460) Moderate: kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
(RHSA-2022:6437) Moderate: kernel-rt security and bug fix update
2022-09-13 07:36:33
(RHSA-2022:6872) Important: kernel security update
2022-10-11 12:19:05
fedora
fedora
[SECURITY] Fedora 36 Update: xen-4.16.1-4.fc36
2022-07-01 01:09:33
[SECURITY] Fedora 36 Update: kernel-5.18.5-200.fc36
2022-06-17 01:16:22
[SECURITY] Fedora 35 Update: kernel-5.18.5-100.fc35
2022-06-18 01:45:12
f5
f5
K04808933 : Intel Processors MMIO Stale Data Advisory vulnerabilities CVE-2022-21123, CVE-2022-21125, and CVE-2022-21127
2022-07-18 00:00:00
debian
debian
[SECURITY] [DSA 5178-1] intel-microcode security update
2022-07-06 13:12:52
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Intel Processors affect IBM Cloud Pak System
2023-03-31 15:06:36
centos
centos
bpftool, kernel, perf, python security update
2022-08-15 17:35:43
nvd
nvd
CVE-2022-30135
2022-06-15 22:15:13
CVE-2022-30149
2022-06-15 22:15:13
CVE-2022-30142
2022-06-15 22:15:13
thn
thn
Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability
2022-06-15 03:42:00
cvelist
cvelist
CVE-2022-30140 Windows iSCSI Discovery Service Remote Code Execution Vulnerability
2022-06-15 21:51:27
CVE-2022-30147 Windows Installer Elevation of Privilege Vulnerability
2022-06-15 21:51:36
CVE-2022-30149 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
2022-06-15 21:51:39
prion
prion
Privilege escalation
2022-06-15 22:15:00
Privilege escalation
2022-06-15 22:15:00
Denial of service
2022-06-15 22:15:00
cve
cve
CVE-2022-30161
2022-06-15 22:15:14
CVE-2022-30146
2022-06-15 22:15:13
CVE-2022-30147
2022-06-15 22:15:13
rapid7blog
rapid7blog
Patch Tuesday - June 2022
2022-06-14 19:37:50
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Installer Elevation of Privilege (CVE-2022-30147)
2022-06-14 00:00:00
Microsoft Advanced Local Procedure Call Elevation of Privilege (CVE-2022-30160)
2022-06-14 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%

JSON
Related for KLA12568
openvas18mskb15nessus44mscve14oraclelinux11mageia2avleonov1intel1hp1kaspersky1malwarebytes1citrix1xen1vmware1almalinux2rocky3osv9ubuntu4redhat9fedora3f51debian1ibm1centos1nvd11thn1cvelist13prion13cve12rapid7blog1checkpoint_advisories2