CVE-2022-38041
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Oct 11, 2022
Updated: Jan 2, 2025
Summary
CVE-2022-38041 is a newly disclosed Denial of Service (DoS) vulnerability affecting Windows Secure Channel (Schannel). The flaw allows an attacker to send specially crafted messages to a targeted system, causing Schannel to enter an infinite loop, resulting in a DoS condition. This issue poses a significant risk to systems running unpatched Windows installations, as it can lead to network downtime and potentially allow further attacks. Users are strongly advised to install the latest Microsoft security updates to mitigate the risk of exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft Windows 7
- Microsoft Windows 10
- Microsoft Windows 8.1
- Microsoft Windows Server 2012
- Microsoft Windows Server 2016
Affected Vendors
- Microsoft