CVE-2022-30139

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jun 15, 2022

Updated: Jan 2, 2025

Summary

CVE-2022-30139 is a remote code execution vulnerability affecting Windows Lightweight Directory Access Protocol (LDAP). Maliciously crafted LDAP messages can be used to exploit this issue, potentially granting attackers administrative access to compromised systems. Successful exploitation may lead to the installation of unauthorized software, unauthorized access to sensitive information, or further system compromise. Microsoft has released a patch to mitigate this vulnerability, and it is strongly recommended that all affected systems be updated as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Microsoft Windows 10
Microsoft Windows Server 2016
Windows Server 2022
Microsoft Windows Server 2019
Microsoft Windows 11

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Know What Matters

For Customers

For Partners