CVE-2022-34713

{"id": "CVE-2022-34713", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "secure@microsoft.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-08-09T20:15:11.487", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability"}, {"lang": "es", "value": "Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota en Microsoft Windows Support Diagnostic Tool (MSDT). Este ID de CVE es diferente de CVE-2022-35743"}], "lastModified": "2024-06-28T14:13:04.940", "cisaActionDue": "2022-08-30", "cisaExploitAdd": "2022-08-09", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "277405AA-FD3E-4D9C-A517-699DACC4C73A", "versionEndExcluding": "10.0.10240.19387"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA14A226-5C8E-47C6-A01B-59696B55E725", "versionEndExcluding": "10.0.14393.5291"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E10FB53B-BB2F-4EE5-B8CA-3C382A844EA5", "versionEndExcluding": "10.0.17763.3287"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85213B81-17AA-49D6-9CCD-FF760D4DA598", "versionEndExcluding": "10.0.19042.1889"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "CB0CF625-97ED-4985-AA28-9D3110AD9CFB", "versionEndExcluding": "10.0.19043.1889"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F8DCD6B-C358-48DE-B39C-99432DD427E3", "versionEndExcluding": "10.0.19044.1889"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEAAF664-B70D-4228-B962-5D0AD81DD066", "versionEndExcluding": "10.0.22000.856"}, {"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "7FE8B00B-4F39-4755-A323-8AD71F5E3EBE"}, {"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "06BBFA69-94E2-4BAB-AFD3-BC434B11D106"}, {"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "C936FD4F-959C-43B8-9917-E2A0DF4A8793"}, {"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "DF8ABB14-84CF-4BBC-99C9-DA6C0F7A0619"}, {"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1839B33E-0EC7-4B78-8D34-0EAC2F934B82", "versionEndExcluding": "10.0.14393.5291"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "898EEB05-FF57-4D96-B745-B3EF23CCFCC3", "versionEndExcluding": "10.0.17763.3287"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F780FD60-3B7C-4590-95F5-A66FECCE3157", "versionEndExcluding": "10.0.20348.887"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FA7AAE5-2F90-4C7D-9607-0DFC65F52260", "versionEndExcluding": "10.0.19042.1889"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability"}