CVE-2022-29131
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published May 10, 2022
Updated: Jan 2, 2025
Summary
CVE-2022-29131 is a remote code execution vulnerability affecting Microsoft Windows' Lightweight Directory Access Protocol (LDAP). An attacker can exploit this issue by sending maliciously crafted LDAP messages to a targeted LDAP server. Successful exploitation allows the attacker to execute arbitrary code on the server, potentially leading to serious security compromises. Organizations using Windows LDAP servers are strongly encouraged to apply the available security patch as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft Windows Server 2008
- Microsoft Windows 7
- Microsoft Windows 10
- Microsoft Windows 8.1
- Microsoft Windows Server 2012
Affected Vendors
- Microsoft