Lucene search
Hyp3rlinx1337DAY-ID-38209HistoryFeb 20, 2023 - 12:00 a.m.
Microsoft Windows Contact File Remote Code Execution Vulnerability
2023-02-2000:00:00
hyp3rlinx
0day.today
341
microsoft windows
contact file
remote code execution
resurrected 2022
cve-2022-44666
trend micro zero day initiative
ldap
protocol vectors
html injection
apparitionsec
j00sean
zdi-can-6920
zdi-can-7591
exploit
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
78.8%
[-] Microsoft Windows Contact file / Remote Code Execution (Resurrected 2022) / CVE-2022-44666
[+] John Page (aka hyp3rlinx)
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec
Back in 2018 I discovered three related Windows remote code execution vulnerabilities affecting both VCF and Contact files.
They were purchased by Trend Micro Zero Day Initiative (@thezdi) from me and received candidate identifiers ZDI-CAN-6920 and ZDI-CAN-7591.
Microsoft as usual denied a fix and it was subsequently dropped as a zero day on January 10, 2019 in coordination with the ZDI program.
Almost five years passed, until researcher j00sean resurrected the flaws to add additional protocol vectors LDAP etc.
Microsoft finally decided to patch and assign CVE-2022-44666 even though the vulnerabilities are exactly the same.
Old 2019 advisories:
=====================
1) Windows VCF RCE
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-VCF-FILE-INSUFFICIENT-WARNING-REMOTE-CODE-EXECUTION.txt
2) Windows Contact HTML injection
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CONTACT-FILE-HTML-INJECTION-MAILTO-LINK-ARBITRARY-CODE-EXECUTION.txt
3) Windows Contact RCE
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CONTACT-FILE-INSUFFECIENT-UI-WARNING-WEBSITE-LINK-ARBITRARY-CODE-EXECUTION.txt
Circa 2022 updated:
=====================
https://github.com/j00sean/CVE-2022-44666#readme
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-44666
Related
cve
cve
CVE-2022-44666
2022-12-13 19:15:12
nvd
nvd
CVE-2022-44666
2022-12-13 19:15:12
prion
prion
Remote code execution
2022-12-13 19:15:00
mscve
mscve
Windows Contacts Remote Code Execution Vulnerability
2022-12-13 08:00:00
cvelist
cvelist
CVE-2022-44666 Windows Contacts Remote Code Execution Vulnerability
2022-12-13 00:00:00
githubexploit
githubexploit
Exploit for CVE-2022-44666
2023-02-15 18:12:04
nessus
nessus
KB5021293: Windows Server 2008 Security Update (December 2022)
2022-12-13 00:00:00
KB5021288: Windows Server 2008 R2 Security Update (December 2022)
2022-12-13 00:00:00
KB5021243: Windows 10 LTS 1507 Security Update (December 2022)
2022-12-13 00:00:00
mskb
mskb
December 13, 2022âKB5021293 (Security-only update)
2022-12-13 08:00:00
December 13, 2022âKB5021289 (Monthly Rollup)
2022-12-13 08:00:00
December 13, 2022âKB5021288 (Security-only update)
2022-12-13 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5021291)
2022-12-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5021235)
2022-12-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5021243)
2022-12-14 00:00:00
kaspersky
kaspersky
KLA20118 Multiple vulnerabilities in Microsoft Products (ESU)
2022-12-13 00:00:00
KLA20117 Multiple vulnerabilities in Microsoft Windows
2022-12-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - December 2022
2022-12-13 21:24:06
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
78.8%
Related for 1337DAY-ID-38209