CVE-2022-38034

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 11, 2022
Updated: Jan 2, 2025

Summary

CVE-2022-38034 is a Windows Workstation Service elevation of privilege vulnerability. An attacker who successfully exploits this weakness can gain administrative rights on an affected system. The vulnerability stems from improper access control in the Workstation Service. An attacker could potentially exploit this flaw through a specially crafted remote connection or by running a malicious program on an impacted machine. This issue affects certain Windows versions and requires a local attack or remote access with valid credentials to be exploited. Microsoft has released a security update to address this vulnerability, and it is recommended that all affected systems be updated as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows Server 2008
  • Microsoft Windows 7
  • Microsoft Windows 10
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2012

Affected Vendors

  • Microsoft