var-202205-1958
Vulnerability from variot
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability. plural Microsoft Windows The product has Microsoft Windows Support Diagnostic Tool (MSDT) is vulnerable to remote code execution.It is possible to execute code remotely. Microsoft Windows Support Diagnostic Tool (MSDT)存在操作系统命令注入漏洞。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 21H1 for x64-based Systems,Windows 10 Version 21H1 for ARM64-based Systems,Windows 10 Version 21H1 for 32-bit Systems,Windows Server 2022,Windows Server 2022 (Server Core installation),Windows Server 2022 Azure Edition Core Hotpatch,Windows 10 Version 20H2 for x64-based Systems,Windows 10 Version 20H2 for 32-bit Systems,Windows 10 Version 20H2 for ARM64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 11 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for 32-bit Systems Service Pack 1,Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for 32-bit systems,Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202205-1958", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "windows 10 21h2", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.19044.1766", }, { model: "windows rt 8.1", scope: "eq", trust: 1, vendor: "microsoft", version: null, }, { model: "windows 10 1809", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.17763.3046", }, { model: "windows 10 1607", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.14393.5192", }, { model: "windows server 2012", scope: "eq", trust: 1, vendor: "microsoft", version: null, }, { model: "windows server 2016", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.14393.5192", }, { model: "windows server 20h2", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.19042.1766", }, { model: "windows 7", scope: "eq", trust: 1, vendor: "microsoft", version: null, }, { model: "windows server 2008", scope: "eq", trust: 1, vendor: "microsoft", version: "r2", }, { model: "windows 10 21h1", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.19043.1766", }, { model: "windows 11 21h2", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.22000.739", }, { model: "windows server 2022", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.20348.770", }, { model: "windows 10 1507", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.10240.19325", }, { model: "windows server 2008", scope: "eq", trust: 1, vendor: "microsoft", version: null, }, { model: "windows 8.1", scope: "eq", trust: 1, vendor: "microsoft", version: null, }, { model: "windows 10 20h2", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.19042.1766", }, { model: "windows server 2012", scope: "eq", trust: 1, vendor: "microsoft", version: "r2", }, { model: "windows server 2019", scope: "lt", trust: 1, vendor: "microsoft", version: "10.0.17763.3046", }, { model: "microsoft windows server 2022", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "(server core installation)", }, { model: "microsoft windows rt 8.1", scope: null, trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2022", }, { model: "microsoft windows server 2022", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2012", }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2019", }, { model: "microsoft windows server 2019", scope: null, trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2016", }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2008 r2 for x64-based systems sp1 (server core installation)", }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2012 (server core installation)", }, { model: "microsoft windows 8.1", scope: null, trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows server 2016", scope: null, trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows 10", scope: null, trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "20h2 (server core installation)", }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2019 (server core installation)", }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2016 (server core installation)", }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2012 r2", }, { model: "microsoft windows server 2008", scope: null, trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2008 r2 for x64-based systems sp1", }, { model: "microsoft windows 11", scope: null, trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows 7", scope: null, trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2022 (server core installation)", }, { model: "microsoft windows server 2012", scope: null, trust: 0.8, vendor: "マイクロソフト", version: null, }, { model: "microsoft windows server", scope: "eq", trust: 0.8, vendor: "マイクロソフト", version: "2012 r2 (server core installation)", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-003352", }, { db: "NVD", id: "CVE-2022-30190", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2022-30190", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "crazyman</a> with Shadow Chaser Group</a>", sources: [ { db: "CNNVD", id: "CNNVD-202205-4277", }, ], trust: 0.6, }, cve: "CVE-2022-30190", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 9.3, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2022-30190", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "OTHER", availabilityImpact: "High", baseScore: 7.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2022-003352", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2022-30190", trust: 1.8, value: "HIGH", }, { author: "secure@microsoft.com", id: "CVE-2022-30190", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202205-4277", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2022-30190", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2022-30190", }, { db: "JVNDB", id: "JVNDB-2022-003352", }, { db: "CNNVD", id: "CNNVD-202205-4277", }, { db: "NVD", id: "CVE-2022-30190", }, { db: "NVD", id: "CVE-2022-30190", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. \nPlease see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability. plural Microsoft Windows The product has Microsoft Windows Support Diagnostic Tool (MSDT) is vulnerable to remote code execution.It is possible to execute code remotely. \nMicrosoft Windows Support Diagnostic Tool (MSDT)存在操作系统命令注入漏洞。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 21H1 for x64-based Systems,Windows 10 Version 21H1 for ARM64-based Systems,Windows 10 Version 21H1 for 32-bit Systems,Windows Server 2022,Windows Server 2022 (Server Core installation),Windows Server 2022 Azure Edition Core Hotpatch,Windows 10 Version 20H2 for x64-based Systems,Windows 10 Version 20H2 for 32-bit Systems,Windows 10 Version 20H2 for ARM64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 11 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for 32-bit Systems Service Pack 1,Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for 32-bit systems,Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation) ", sources: [ { db: "NVD", id: "CVE-2022-30190", }, { db: "JVNDB", id: "JVNDB-2022-003352", }, { db: "CNNVD", id: "CNNVD-202205-4277", }, { db: "VULMON", id: "CVE-2022-30190", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-30190", trust: 3.3, }, { db: "PACKETSTORM", id: "167438", trust: 1.7, }, { db: "JVNDB", id: "JVNDB-2022-003352", trust: 0.8, }, { db: "CS-HELP", id: "SB2022053005", trust: 0.6, }, { db: "PACKETSTORM", id: "167313", trust: 0.6, }, { db: "CXSECURITY", id: "WLB-2022060003", trust: 0.6, }, { db: "CXSECURITY", id: "WLB-2022060034", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202205-4277", trust: 0.6, }, { db: "VULMON", id: "CVE-2022-30190", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2022-30190", }, { db: "JVNDB", id: "JVNDB-2022-003352", }, { db: "CNNVD", id: "CNNVD-202205-4277", }, { db: "NVD", id: "CVE-2022-30190", }, ], }, id: "VAR-202205-1958", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 1, }, last_update_date: "2024-06-28T22:37:18.945000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability Security Update Guide", trust: 0.8, url: "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2022-30190", }, { title: "Microsoft Windows Support Diagnostic Tool Fixes for operating system command injection vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=194540", }, { title: "POC-msdt-follina\nEducational Purpose Only!\nUsage\nUpdate", trust: 0.2, url: "https://github.com/adkali/poc-msdt-follina ", }, { title: "Follina-MSDT-Vulnerability-CVE-2022-30190-", trust: 0.1, url: "https://github.com/ekamsinghwalia/follina-msdt-vulnerability-cve-2022-30190- ", }, { title: "Unofficial-Follina-Mitigation-Script\nHow to use:", trust: 0.1, url: "https://github.com/joseoteroo/unofficial-follina-mitigation ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/sentinelblue/cve-2022-30190 ", }, { title: "Follina-CVE-2022-30190-Unofficial-patch-\nAbout Program\nGuide\nDownload", trust: 0.1, url: "https://github.com/sonicwave21/follina-cve-2022-30190-unofficial-patch ", }, { title: "Follina-CVE-2022-30190-Unofficial-patch-\nAbout Program\nGuide\nDownload", trust: 0.1, url: "https://github.com/sonicwave21/follina-cve-2022-30190-unofficial-patch- ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/gyaansastra/cve-2022-30190 ", }, { title: "POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina", trust: 0.1, url: "https://github.com/jmousqueton/poc-msdt-follina ", }, { title: "follina (POC)\nUsage\nWorkaround\nSources", trust: 0.1, url: "https://github.com/noxtal/follina ", }, { title: "mitigate-folina", trust: 0.1, url: "https://github.com/derco0n/mitigate-folina ", }, { title: "CVE-2022-30190-Follina-Patch\nImages\nManually", trust: 0.1, url: "https://github.com/suegdu/cve-2022-30190-follina-patch ", }, { title: "CSAW '23 Qualifiers Writeups\nWeb: Philanthropy\nForensics: 1black0white\nIntro: whataxor\nCrypto: Mental Poker\nIncident Response: What is going on?\nIncident Response: Initial Access", trust: 0.1, url: "https://github.com/austinstitz-hacking/csaw23qual ", }, { title: "https://github.com/warren2i/MSDT_Doc_generator", trust: 0.1, url: "https://github.com/warren2i/msdt_doc_generator ", }, { title: "CVE-2022-30190-follina", trust: 0.1, url: "https://github.com/drgreenthumb93/cve-2022-30190-follina ", }, { title: "cve-2022-30190", trust: 0.1, url: "https://github.com/paddlingcode/cve-2022-30190 ", }, { title: "MS-MSDT_Office_RCE_Follina\nExploit DIY\nReference", trust: 0.1, url: "https://github.com/riki744/ms-msdt_office_rce_follina ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/itmarcin2211/cve-2022-30190 ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/meowhua15/cve-2022-30190 ", }, { title: "msdt-follina-office", trust: 0.1, url: "https://github.com/kdk2933/msdt-cve-2022-30190 ", }, { title: "MS-MSDT-Office-RCE-Follina", trust: 0.1, url: "https://github.com/achocolatechippancake/ms-msdt-office-rce-follina ", }, { title: "FOLLINA-CVE-2022-30190", trust: 0.1, url: "https://github.com/toxicenvelope/follina-cve-2022-30190 ", }, { title: "Better With Reg 🧊", trust: 0.1, url: "https://github.com/pedrojosawczuk/betterwithreg ", }, { title: "go_follina", trust: 0.1, url: "https://github.com/lucaskrell/go_follina ", }, { title: "Exploits scripts - (In Progress)", trust: 0.1, url: "https://github.com/amitniz/exploits ", }, { title: "FollinaExtractor", trust: 0.1, url: "https://github.com/malwaretech/follinaextractor ", }, { title: "Follina Proof of Concept (CVE-2022-30190)\nUsage", trust: 0.1, url: "https://github.com/tiepologian/follina ", }, { title: "cve-2022-30190", trust: 0.1, url: "https://github.com/rickhenderson/cve-2022-30190 ", }, { title: "CVE-2022-30190-POC", trust: 0.1, url: "https://github.com/mitespsoc/cve-2022-30190-poc ", }, { title: "CVE-2022-30190 - Microsoft Support Diagnostic Tool", trust: 0.1, url: "https://github.com/joshuavanderpoll/cve-2022-30190 ", }, { title: "follina-CVE-2022-30190", trust: 0.1, url: "https://github.com/cerebrovinny/follina-cve-2022-30190 ", }, { title: "CVE-2022-30190 (Follina)", trust: 0.1, url: "https://github.com/winstxnhdw/cve-2022-30190 ", }, { title: "Follina-attack-CVE-2022-30190-", trust: 0.1, url: "https://github.com/imeneallouche/follina-attack-cve-2022-30190- ", }, { title: "Follina-CVE-2022-30190-Sample-by-ethical-blue\nVersion history\nFeatures", trust: 0.1, url: "https://github.com/ethicalblue/follina-cve-2022-30190-poc-sample ", }, { title: "Follina Exploiter CLI Tool MSDT Vulnerability (CVE-2022-30190)", trust: 0.1, url: "https://github.com/0xabbarhsf/follinaxploit ", }, { title: "Cve-2022-30190", trust: 0.1, url: "https://github.com/anonymouss1276/cve-2022-30190 ", }, { title: "PyRATE documentation", trust: 0.1, url: "https://github.com/g4vr0ch3/pyrate ", }, { title: "POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina", trust: 0.1, url: "https://github.com/jmousqueton/poc-cve-ms-office-rce ", }, { title: "POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina", trust: 0.1, url: "https://github.com/jmousqueton/poc-cve-2022-30190 ", }, { title: "CVE-2022-30190 MS-MSDT Using Follina Attack Vector\nHow It Entered The Radar?\nExplanation Of The Exploit\nHow far Could This Exploit Go Further In The Wild?\nMitigation Suggestions\nConclusion\nReferences", trust: 0.1, url: "https://github.com/kocdeniz/msdt-poc ", }, { title: "MSDT_CVE-2022-30190", trust: 0.1, url: "https://github.com/archanchoudhury/msdt_cve-2022-30190 ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/gyaansastra/cve2022-30190 ", }, { title: "Windows e TI\nLicença\nCorreções não oficiais\nAplicativos\nExtensões Chrome\nSuporte", trust: 0.1, url: "https://github.com/chacalbl4ck/meurepositorio ", }, { title: "https://github.com/cybercy/cybercy", trust: 0.1, url: "https://github.com/cybercy/cybercy ", }, { title: "Cve-2022-30190", trust: 0.1, url: "https://github.com/dianaross20/cve-2022-30190 ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/flux10n/cve-2022-30190 ", }, { title: "IMPORTANT", trust: 0.1, url: "https://github.com/arozx/cve-2022-30190 ", }, { title: "Follina Exploiter CLI Tool MSDT Vulnerability (CVE-2022-30190)", trust: 0.1, url: "https://github.com/hrishikesh7665/follina_exploiter_cli ", }, { title: "MS-MSDT-Proactive-remediation", trust: 0.1, url: "https://github.com/terryb8s/ms-msdt-proactive-remediation ", }, { title: "PyRATE documentation", trust: 0.1, url: "https://github.com/petitprinc3/pyrate ", }, { title: "AmzWord\nRequirements\nUsage & attack process\nRemark", trust: 0.1, url: "https://github.com/jump-wang-111/amzword ", }, { title: "MSDT_CVE-2022-30190-follina-", trust: 0.1, url: "https://github.com/aymankhder/msdt_cve-2022-30190-follina- ", }, { title: "CVE 30190\nEnvironnement\nExploit\nExamples", trust: 0.1, url: "https://github.com/aminetitrofine/cve-2022-30190 ", }, { title: "DisableMS-MSDT", trust: 0.1, url: "https://github.com/kkarani1/disablems-msdt ", }, { title: "Follina-CVE-2022-30190 Proof of Concept by Nee", trust: 0.1, url: "https://github.com/itsnee/folina-cve-2022-30190-poc- ", }, { title: "Deathnote\nUsage\nExamples", trust: 0.1, url: "https://github.com/malwareman007/deathnote ", }, { title: "CVE Puller", trust: 0.1, url: "https://github.com/ransomsec/cvepuller ", }, { title: "msdt-follina-office", trust: 0.1, url: "https://github.com/kdk2933/msdt-follina-office ", }, { title: "follina_cve_2022-30190", trust: 0.1, url: "https://github.com/amitniz/follina_cve_2022-30190 ", }, { title: "CVE-2022-30190_EXP_PowerPoint", trust: 0.1, url: "https://github.com/gra3s/cve-2022-30190-powerpoint ", }, { title: "dogwalk", trust: 0.1, url: "https://github.com/reubensammut/dogwalk ", }, { title: "Follina", trust: 0.1, url: "https://github.com/abhirules27/follina ", }, { title: "Threat Hunting Simulator Using Graylog", trust: 0.1, url: "https://github.com/cadengh/threathunter ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/ernestak/cve-2022-30190 ", }, { title: "CVE-2022-30190_EXP_PowerPoint", trust: 0.1, url: "https://github.com/gra3s/cve-2022-30190-follina-powerpoint-version ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/derziad/cve-2022-30190 ", }, { title: "Follina-CVE-2022-30190-Sample-by-ethical-blue\nVersion history\nFeatures", trust: 0.1, url: "https://github.com/ethicalblue/follina-cve-2022-30190-sample ", }, { title: "https://github.com/gamingwithevets/msdt-disable", trust: 0.1, url: "https://github.com/gamingwithevets/msdt-disable ", }, { title: "🩹CVE-2022-30190 Temporary Fix🩹 (Source Code)", trust: 0.1, url: "https://github.com/srcroqueta/cve-2022-30190_temporary_fix_source_code ", }, { title: "msdt-follina", trust: 0.1, url: "https://github.com/iamvsm/msdt-follina ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/k508/cve-2022-30190 ", }, { title: "Windows-0-Day-Automated-fix", trust: 0.1, url: "https://github.com/oymarcel/windows-0-day-automated-fix ", }, { title: "Follina zero day office exploit patch for Windows 10", trust: 0.1, url: "https://github.com/hereticerik/follina-patch ", }, { title: "FollinaScanner", trust: 0.1, url: "https://github.com/errornointernet/follinascanner ", }, { title: "MSDT Patcher, a.k.a. CVE-2022-30190-NSIS", trust: 0.1, url: "https://github.com/rouben/cve-2022-30190-nsis ", }, { title: "Financial Cyber Drill 2022 - Writeup", trust: 0.1, url: "https://github.com/ruefulrobin/findrill2022 ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/onecloudemoji/cve-2022-30190 ", }, { title: "Five Nights at Follina's\nDisclaimer\nOffensive Tools\nDefensive Tools\nUsing Example Payloads", trust: 0.1, url: "https://github.com/jeffymcjeffface/five-nights-at-follina-s ", }, { title: "https://github.com/SilentExploitx/SilentExploit", trust: 0.1, url: "https://github.com/silentexploitx/silentexploit ", }, { title: "🩹CVE-2022-30190 Temporary Fix🩹", trust: 0.1, url: "https://github.com/srcroqueta/cve-2022-30190_temporary_fix ", }, { title: "Follina - CVE-2022-30190", trust: 0.1, url: "https://github.com/wesyhub/cve-2022-30190---follina---poc-exploit ", }, { title: "Rapid7_InsightVM", trust: 0.1, url: "https://github.com/cm101995/rapid7_insightvm ", }, { title: "follina-CVE-2022-30190", trust: 0.1, url: "https://github.com/notherealhazard/follina-cve-2022-30190 ", }, { title: "Follina Web Server", trust: 0.1, url: "https://github.com/nodeblue/follina ", }, { title: "https://github.com/LissanKoirala/LissanKoirala", trust: 0.1, url: "https://github.com/lissankoirala/lissankoirala ", }, { title: "msdt-follina-office-rce", trust: 0.1, url: "https://github.com/zkl21hoang/msdt-follina-office-rce ", }, { title: "CVE-2022-30190_EXP_PowerPoint", trust: 0.1, url: "https://github.com/gra3s/cve-2022-30190_exp_powerpoint ", }, { title: "ProductionFollinaWorkaround", trust: 0.1, url: "https://github.com/mh4tter/productionfollinaworkaround ", }, { title: "Follina MS-MSDT exploitation with Spring Boot", trust: 0.1, url: "https://github.com/dsibilio/follina-spring ", }, { title: "Proof of Concept of the original SekiganWare Malware, source code not avaliable anymore...", trust: 0.1, url: "https://github.com/cryxnet/sekiganware ", }, { title: "CVE-2022-30190", trust: 0.1, url: "https://github.com/hscorpion/cve-2022-30190 ", }, { title: "IMPORTANT", trust: 0.1, url: "https://github.com/arozx/cve-2022-30910 ", }, { title: "NOTE\nUSAGE", trust: 0.1, url: "https://github.com/yannikg/tsbe-cybersec-follina ", }, { title: "Follina-CVE-2022-30190 Proof of Concept by Nee", trust: 0.1, url: "https://github.com/itsnee/follina-cve-2022-30190-poc ", }, { title: "https://github.com/thanhtranntkh/SMDT-fix", trust: 0.1, url: "https://github.com/thanhtranntkh/smdt-fix ", }, { title: "Follina-CVE-2022-30190 Proof of Concept by Nee", trust: 0.1, url: "https://github.com/itsnee/folina-cve-2022-30190-poc ", }, { title: "Follina-Remediation\nThis repo has been archived since Microsoft published official fixes. See https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190 for specifics", trust: 0.1, url: "https://github.com/cosmo121/follina-remediation ", }, { title: "Follina workaround (CVE-2022-30190)", trust: 0.1, url: "https://github.com/sentrium-security/follina-workaround-cve-2022-30190 ", }, { title: "Liens pouvant être utiles", trust: 0.1, url: "https://github.com/java-printemps/.github ", }, { title: "https://github.com/Muhammad-Ali007/Follina_MSDT_CVE-2022-30190", trust: 0.1, url: "https://github.com/muhammad-ali007/follina_msdt_cve-2022-30190 ", }, { title: "Symantec Threat Intelligence Blog", trust: 0.1, url: "https://www.symantec.com/blogs/threat-intelligence/follina-msdt-exploit-malware", }, { title: "Securelist", trust: 0.1, url: "https://securelist.com/it-threat-evolution-in-q3-2022-non-mobile-statistics/107963/", }, { title: "Securelist", trust: 0.1, url: "https://securelist.com/it-threat-evolution-q2-2022/107099/", }, { title: "Securelist", trust: 0.1, url: "https://securelist.com/it-threat-evolution-in-q2-2022-non-mobile-statistics/107133/", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/microsoft-patches-dogwalk-zero-day-and-17-critical-flaws/180378/", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/fancy-bear-nuke-threat-lure/180056/", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/follina-exploited-by-state-sponsored-hackers/179890/", }, { title: "Securelist", trust: 0.1, url: "https://securelist.com/cve-2022-30190-follina-vulnerability-in-msdt-description-and-counteraction/106703/", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/microsoft-workaround-0day-attack/179776/", }, { title: "The Register", trust: 0.1, url: "https://www.theregister.co.uk/2022/06/09/qbot-malware-microsoft-follina/", }, { title: "The Register", trust: 0.1, url: "https://www.theregister.co.uk/2022/06/09/symantec-follina-microsoft/", }, { title: "The Register", trust: 0.1, url: "https://www.theregister.co.uk/2022/06/15/microsoft_patch_tuesday/", }, ], sources: [ { db: "VULMON", id: "CVE-2022-30190", }, { db: "JVNDB", id: "JVNDB-2022-003352", }, { db: "CNNVD", id: "CNNVD-202205-4277", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-610", trust: 1, }, { problemtype: "Lack of information (CWE-noinfo) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-003352", }, { db: "NVD", id: "CVE-2022-30190", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "http://packetstormsecurity.com/files/167438/microsoft-office-word-msdtjs-code-execution.html", }, { trust: 1.7, url: "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2022-30190", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-30190", }, { trust: 0.8, url: "https://www.ipa.go.jp/security/ciadr/vul/20220615-ms.html", }, { trust: 0.8, url: "https://www.jpcert.or.jp/at/2022/at220016.html", }, { trust: 0.6, url: "https://cxsecurity.com/issue/wlb-2022060034", }, { trust: 0.6, url: "https://cxsecurity.com/issue/wlb-2022060003", }, { trust: 0.6, url: "https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-30190", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/167313/microsoft-follina-proof-of-concept.html", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/microsoft-office-code-execution-via-msdt-38468", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022053005", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/610.html", }, { trust: 0.1, url: "https://www.theregister.co.uk/2022/06/09/qbot-malware-microsoft-follina/", }, { trust: 0.1, url: "https://threatpost.com/follina-exploited-by-state-sponsored-hackers/179890/", }, { trust: 0.1, url: "https://github.com/ekamsinghwalia/follina-msdt-vulnerability-cve-2022-30190-", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2022-30190", }, { db: "JVNDB", id: "JVNDB-2022-003352", }, { db: "CNNVD", id: "CNNVD-202205-4277", }, { db: "NVD", id: "CVE-2022-30190", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2022-30190", }, { db: "JVNDB", id: "JVNDB-2022-003352", }, { db: "CNNVD", id: "CNNVD-202205-4277", }, { db: "NVD", id: "CVE-2022-30190", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-06-01T00:00:00", db: "VULMON", id: "CVE-2022-30190", }, { date: "2023-02-15T00:00:00", db: "JVNDB", id: "JVNDB-2022-003352", }, { date: "2022-05-30T00:00:00", db: "CNNVD", id: "CNNVD-202205-4277", }, { date: "2022-06-01T20:15:07.983000", db: "NVD", id: "CVE-2022-30190", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-20T00:00:00", db: "VULMON", id: "CVE-2022-30190", }, { date: "2023-02-15T01:52:00", db: "JVNDB", id: "JVNDB-2022-003352", }, { date: "2022-06-13T00:00:00", db: "CNNVD", id: "CNNVD-202205-4277", }, { date: "2024-06-28T14:14:37.327000", db: "NVD", id: "CVE-2022-30190", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202205-4277", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Microsoft Windows Product Remote Code Execution Vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2022-003352", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "operating system commend injection", sources: [ { db: "CNNVD", id: "CNNVD-202205-4277", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.