CVE-2022-29131

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published May 10, 2022
Updated: Jan 2, 2025

Summary

CVE-2022-29131 is a remote code execution vulnerability affecting Microsoft Windows' Lightweight Directory Access Protocol (LDAP). An attacker can exploit this issue by sending maliciously crafted LDAP messages to a targeted LDAP server. Successful exploitation allows the attacker to execute arbitrary code on the server, potentially leading to serious security compromises. Organizations using Windows LDAP servers are strongly encouraged to apply the available security patch as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows Server 2008
  • Microsoft Windows 7
  • Microsoft Windows 10
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2012

Affected Vendors

  • Microsoft