CVE-2022-26932

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published May 10, 2022
Updated: Jan 2, 2025

Summary

CVE-2022-26932 is an elevation of privilege vulnerability affecting Microsoft Storage Spaces Direct. An attacker who successfully exploits this flaw can gain elevated privileges, potentially leading to unauthorized access or system takeover. The vulnerability exists due to improper handling of certain operations within the Storage Spaces Direct component. Microsoft has released a security update to address this issue. It is recommended that affected systems be promptly patched to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Windows Server 2022
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
  • Microsoft Windows Server

Affected Vendors

  • Microsoft