A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.

Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability.

githubexploit 47

thn 20

cisa 1

talosblog 1

malwarebytes 7

hackerone 1

hivepro 5

msrc 4

trellix 10

cve 1

threatpost 4

qualysblog 9

schneier 1

packetstorm 2

metasploit 1

prion 1

cvelist 1

nessus 11

rapid7blog 6

cisa_kev 1

openvas 6

nvd 1

checkpoint_advisories 1

kaspersky 2

zdt 1

krebs 1

mscve 1

attackerkb 1

pentestpartners 1

securelist 4

avleonov 2

googleprojectzero 1

mskb 12

ics 1

githubexploit

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft

2022-05-31 10:47:57

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft

2022-06-13 04:20:02

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft

2022-06-29 08:48:12

thn

Chinese Hackers Begin Exploiting Latest Microsoft Office Zero-Day Vulnerability

2022-06-01 06:02:00

New Woody RAT Malware Being Used to Target Russian Organizations

2022-08-04 12:55:00

State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S

2022-06-06 02:54:00

cisa

Microsoft Releases Workaround Guidance for MSDT "Follina" Vulnerability

2022-05-31 00:00:00

talosblog

Threat Advisory: Zero-day vulnerability in Microsoft diagnostic tool MSDT could lead to code execution

2022-06-02 14:53:52

malwarebytes

Woody RAT: A new feature-rich malware spotted in the wild

2022-08-03 21:00:00

FAQ: Mitigating Microsoft Office’s ‘Follina’ zero-day

2022-06-01 16:36:44

Woody RAT: A new feature-rich malware spotted in the wild

2022-08-03 21:25:52

hackerone

Reddit: Unrestricted File Upload on reddit.secure.force.com

2022-06-20 09:10:53

hivepro

Exploitation of Follina leads to takeover of domain controller

2022-11-04 12:38:02

Woody RAT leverages Follina to target Russia

2022-08-05 18:22:17

Actors, Threats and Vulnerabilities 22 to 28 May 2023

2023-05-30 07:42:00

msrc

CVE-2022-30190 マイクロソフトサポート診断ツールの脆弱性に関するガイダンス

2022-05-30 07:00:00

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

2022-05-30 07:00:00

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

2022-05-30 07:00:00

trellix

Trellix Global Defenders: Follina — Microsoft Office Zero-Day (CVE-2022-30190)

2022-06-03 00:00:00

Beyond File Search: A Novel Method

2023-07-26 00:00:00

Beyond File Search: A Novel Method

2023-07-26 00:00:00

cve

CVE-2022-30190

2022-06-01 20:15:07

threatpost

Follina Exploited by State-Sponsored Hackers

2022-06-07 12:45:00

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

2022-06-23 12:21:33

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack

2022-06-01 10:38:37

qualysblog

Launching Qualys Cloud Threat Database

2023-02-08 13:50:00

Detect the Follina MSDT Vulnerability (CVE-2022-30190) with Qualys Multi-Vector EDR & Context XDR

2022-06-14 20:52:25

In-Depth Look Into Data-Driven Science Behind Qualys TruRisk

2022-10-10 14:32:29

schneier

Clever — and Exploitable — Windows Zero-Day

2022-06-01 18:25:36

packetstorm

Microsoft Office Word MSDTJS Code Execution

2022-06-07 00:00:00

Microsoft Office MSDT Follina Proof Of Concept

2022-05-31 00:00:00

metasploit

Microsoft Office Word MSDTJS

2022-05-30 17:23:18

prion

Remote code execution

2022-06-01 20:15:00

cvelist

CVE-2022-30190 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

2022-06-01 20:10:17

nessus

The Microsoft Windows Support Diagnostic Tool (MSDT) RCE Workaround Detection (CVE-2022-30190)

2022-05-31 00:00:00

KB5014743: Windows Server 2008 Security Update (June 2022)

2022-06-14 00:00:00

KB5014742: Windows 7 and Windows Server 2008 R2 Security Update (June 2022)

2022-06-14 00:00:00

rapid7blog

CVE-2022-30190: "Follina" Microsoft Support Diagnostic Tool Vulnerability

2022-05-31 15:15:16

Metasploit Weekly Wrap-Up

2022-06-10 18:07:05

Metasploit Weekly Wrap-Up

2022-09-02 19:39:21

cisa_kev

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

2022-06-14 00:00:00

openvas

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (Follina)

2022-06-01 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB5014748)

2022-06-15 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB5014710)

2022-06-15 00:00:00

nvd

CVE-2022-30190

2022-06-01 20:15:07

checkpoint_advisories

Microsoft Support Diagnostic Tool Remote Code Execution (CVE-2022-30190)

2022-06-01 00:00:00

kaspersky

KLA12550 RCE vulnerability in Microsoft Products (ESU)

2022-05-30 00:00:00

KLA12549 RCE vulnerability in Microsoft Windows

2022-05-30 00:00:00

zdt

Microsoft Office Word MSDTJS Code Execution Exploit

2022-06-07 00:00:00

krebs

Microsoft Patch Tuesday, June 2022 Edition

2022-06-15 04:52:30

mscve

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

2022-08-09 07:00:00

attackerkb

CVE-2022-30190

2022-06-01 00:00:00

pentestpartners

Follina 0day exploit. Malicious code execution in Office docs

2022-06-01 05:38:30

securelist

IT threat evolution Q2 2022

2022-08-15 12:00:34

CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

2022-06-06 08:00:02

IT threat evolution in Q2 2022. Non-mobile statistics

2022-08-15 12:00:43

avleonov

Microsoft Patch Tuesday June 2022: Follina RCE, NFSV4.1 RCE, LDAP RCEs and bad patches

2022-06-25 12:32:07

Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities

2022-08-23 00:00:26

googleprojectzero

2022 0-day In-the-Wild Exploitation…so far

2022-06-30 00:00:00

mskb

June 14, 2022—KB5014748 (Monthly Rollup)

2022-06-14 07:00:00

June 14, 2022—KB5014710 (OS Build 10240.19325) - EXPIRED

2022-06-14 07:00:00

June 14, 2022—KB5014742 (Security-only update)

2022-06-14 07:00:00

ics

2022 Top Routinely Exploited Vulnerabilities

2023-08-03 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.966 High

EPSS

Percentile

99.6%

JSON

Related for MS:CVE-2022-30190