CVE-2022-38041

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 11, 2022
Updated: Jan 2, 2025

Summary

CVE-2022-38041 is a newly disclosed Denial of Service (DoS) vulnerability affecting Windows Secure Channel (Schannel). The flaw allows an attacker to send specially crafted messages to a targeted system, causing Schannel to enter an infinite loop, resulting in a DoS condition. This issue poses a significant risk to systems running unpatched Windows installations, as it can lead to network downtime and potentially allow further attacks. Users are strongly advised to install the latest Microsoft security updates to mitigate the risk of exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows 7
  • Microsoft Windows 10
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2016

Affected Vendors

  • Microsoft