CVE-2022-37970
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Oct 11, 2022
Updated: Jan 2, 2025
Summary
CVE-2022-37970 is an elevation of privilege vulnerability affecting the Windows DWM (Desktop Window Manager) Core Library. An attacker who successfully exploits this vulnerability can gain higher privileges on the target system, potentially allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. The vulnerability can be triggered through a specially crafted application or file, making it important for users to install available patches as soon as possible to protect against potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft Windows 10
- Windows Server 2022
- Microsoft Windows 11
- Microsoft Windows Server 2019
Affected Vendors
- Microsoft