CVE-2022-37970

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 11, 2022
Updated: Jan 2, 2025

Summary

CVE-2022-37970 is an elevation of privilege vulnerability affecting the Windows DWM (Desktop Window Manager) Core Library. An attacker who successfully exploits this vulnerability can gain higher privileges on the target system, potentially allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. The vulnerability can be triggered through a specially crafted application or file, making it important for users to install available patches as soon as possible to protect against potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows 10
  • Windows Server 2022
  • Microsoft Windows 11
  • Microsoft Windows Server 2019

Affected Vendors

  • Microsoft