CVE-2022-38034
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2022-38034 is a Windows Workstation Service elevation of privilege vulnerability. An attacker who successfully exploits this weakness can gain administrative rights on an affected system. The vulnerability stems from improper access control in the Workstation Service. An attacker could potentially exploit this flaw through a specially crafted remote connection or by running a malicious program on an impacted machine. This issue affects certain Windows versions and requires a local attack or remote access with valid credentials to be exploited. Microsoft has released a security update to address this vulnerability, and it is recommended that all affected systems be updated as soon as possible.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Windows Server 2008
- Microsoft Windows 7
- Microsoft Windows 10
- Microsoft Windows 8.1
- Microsoft Windows Server 2012
Affected Vendors
- Microsoft