CVE-2022-23270
CVSS 3.1 Score 8.1 of 10 (high)
Details
Summary
CVE-2022-23270 is a remote code execution vulnerability affecting the Windows Point-to-Point Tunneling Protocol (PPTP). Maliciously crafted PPTP packets can be used to exploit this issue, allowing attackers to execute arbitrary code on vulnerable systems. Successful exploitation could lead to a compromise of the entire network, as PPTP is often used for remote access to corporate networks. Microsoft has released a patch to address this vulnerability, and it is strongly recommended that all Windows systems be updated promptly. Failure to do so could result in serious security risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Windows 7
- Microsoft Windows 10
- Microsoft Windows Server 2012
- Microsoft Windows 8.1
- Microsoft Windows Server 2016
Affected Vendors
- Microsoft