var-202205-1958
Vulnerability from variot
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability. plural Microsoft Windows The product has Microsoft Windows Support Diagnostic Tool (MSDT) is vulnerable to remote code execution.It is possible to execute code remotely. Microsoft Windows Support Diagnostic Tool (MSDT)存在操作系统命令注入漏洞。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 21H1 for x64-based Systems,Windows 10 Version 21H1 for ARM64-based Systems,Windows 10 Version 21H1 for 32-bit Systems,Windows Server 2022,Windows Server 2022 (Server Core installation),Windows Server 2022 Azure Edition Core Hotpatch,Windows 10 Version 20H2 for x64-based Systems,Windows 10 Version 20H2 for 32-bit Systems,Windows 10 Version 20H2 for ARM64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 11 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for 32-bit Systems Service Pack 1,Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for 32-bit systems,Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202205-1958", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "windows 10 21h2", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.19044.1766" }, { "model": "windows rt 8.1", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": null }, { "model": "windows 10 1809", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.17763.3046" }, { "model": "windows 10 1607", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.14393.5192" }, { "model": "windows server 2012", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": null }, { "model": "windows server 2016", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.14393.5192" }, { "model": "windows server 20h2", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.19042.1766" }, { "model": "windows 7", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": null }, { "model": "windows server 2008", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": "r2" }, { "model": "windows 10 21h1", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.19043.1766" }, { "model": "windows 11 21h2", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.22000.739" }, { "model": "windows server 2022", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.20348.770" }, { "model": "windows 10 1507", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.10240.19325" }, { "model": "windows server 2008", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": null }, { "model": "windows 8.1", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": null }, { "model": "windows 10 20h2", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.19042.1766" }, { "model": "windows server 2012", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": "r2" }, { "model": "windows server 2019", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.17763.3046" }, { "model": "microsoft windows server 2022", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "(server core installation)" }, { "model": "microsoft windows rt 8.1", "scope": null, "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2022" }, { "model": "microsoft windows server 2022", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2012" }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2019" }, { "model": "microsoft windows server 2019", "scope": null, "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2016" }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2008 r2 for x64-based systems sp1 (server core installation)" }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2012 (server core installation)" }, { "model": "microsoft windows 8.1", "scope": null, "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows server 2016", "scope": null, "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows 10", "scope": null, "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "20h2 (server core installation)" }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2019 (server core installation)" }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2016 (server core installation)" }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2012 r2" }, { "model": "microsoft windows server 2008", "scope": null, "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2008 r2 for x64-based systems sp1" }, { "model": "microsoft windows 11", "scope": null, "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows 7", "scope": null, "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2022 (server core installation)" }, { "model": "microsoft windows server 2012", "scope": null, "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": null }, { "model": "microsoft windows server", "scope": "eq", "trust": 0.8, "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8", "version": "2012 r2 (server core installation)" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "db": "NVD", "id": "CVE-2022-30190" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2022-30190" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "crazyman\u003c/a\u003e with Shadow Chaser Group\u003c/a\u003e", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-4277" } ], "trust": 0.6 }, "cve": "CVE-2022-30190", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2022-30190", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2022-003352", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2022-30190", "trust": 1.8, "value": "HIGH" }, { "author": "secure@microsoft.com", "id": "CVE-2022-30190", "trust": 1.0, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202205-4277", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2022-30190", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-30190" }, { "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "db": "CNNVD", "id": "CNNVD-202205-4277" }, { "db": "NVD", "id": "CVE-2022-30190" }, { "db": "NVD", "id": "CVE-2022-30190" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user\u2019s rights. \nPlease see the\u00a0MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability. plural Microsoft Windows The product has Microsoft Windows Support Diagnostic Tool (MSDT) is vulnerable to remote code execution.It is possible to execute code remotely. \nMicrosoft Windows Support Diagnostic Tool (MSDT)\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u4ee5\u4e0b\u4ea7\u54c1\u548c\u7248\u672c\u53d7\u5230\u5f71\u54cd\uff1aWindows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 21H1 for x64-based Systems,Windows 10 Version 21H1 for ARM64-based Systems,Windows 10 Version 21H1 for 32-bit Systems,Windows Server 2022,Windows Server 2022 (Server Core installation),Windows Server 2022 Azure Edition Core Hotpatch,Windows 10 Version 20H2 for x64-based Systems,Windows 10 Version 20H2 for 32-bit Systems,Windows 10 Version 20H2 for ARM64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 11 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for 32-bit Systems Service Pack 1,Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for 32-bit systems,Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation) ", "sources": [ { "db": "NVD", "id": "CVE-2022-30190" }, { "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "db": "CNNVD", "id": "CNNVD-202205-4277" }, { "db": "VULMON", "id": "CVE-2022-30190" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-30190", "trust": 3.3 }, { "db": "PACKETSTORM", "id": "167438", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2022-003352", "trust": 0.8 }, { "db": "CS-HELP", "id": "SB2022053005", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "167313", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2022060003", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2022060034", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202205-4277", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2022-30190", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-30190" }, { "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "db": "CNNVD", "id": "CNNVD-202205-4277" }, { "db": "NVD", "id": "CVE-2022-30190" } ] }, "id": "VAR-202205-1958", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 1.0 }, "last_update_date": "2024-06-28T22:37:18.945000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Microsoft\u00a0Windows\u00a0Support\u00a0Diagnostic\u00a0Tool\u00a0(MSDT)\u00a0Remote\u00a0Code\u00a0Execution\u00a0Vulnerability Security Update Guide", "trust": 0.8, "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2022-30190" }, { "title": "Microsoft Windows Support Diagnostic Tool Fixes for operating system command injection vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=194540" }, { "title": "POC-msdt-follina\nEducational Purpose Only!\nUsage\nUpdate", "trust": 0.2, "url": "https://github.com/adkali/poc-msdt-follina " }, { "title": "Follina-MSDT-Vulnerability-CVE-2022-30190-", "trust": 0.1, "url": "https://github.com/ekamsinghwalia/follina-msdt-vulnerability-cve-2022-30190- " }, { "title": "Unofficial-Follina-Mitigation-Script\nHow to use:", "trust": 0.1, "url": "https://github.com/joseoteroo/unofficial-follina-mitigation " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/sentinelblue/cve-2022-30190 " }, { "title": "Follina-CVE-2022-30190-Unofficial-patch-\nAbout Program\nGuide\nDownload", "trust": 0.1, "url": "https://github.com/sonicwave21/follina-cve-2022-30190-unofficial-patch " }, { "title": "Follina-CVE-2022-30190-Unofficial-patch-\nAbout Program\nGuide\nDownload", "trust": 0.1, "url": "https://github.com/sonicwave21/follina-cve-2022-30190-unofficial-patch- " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/gyaansastra/cve-2022-30190 " }, { "title": "POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina", "trust": 0.1, "url": "https://github.com/jmousqueton/poc-msdt-follina " }, { "title": "follina (POC)\nUsage\nWorkaround\nSources", "trust": 0.1, "url": "https://github.com/noxtal/follina " }, { "title": "mitigate-folina", "trust": 0.1, "url": "https://github.com/derco0n/mitigate-folina " }, { "title": "CVE-2022-30190-Follina-Patch\nImages\nManually", "trust": 0.1, "url": "https://github.com/suegdu/cve-2022-30190-follina-patch " }, { "title": "CSAW \u002723 Qualifiers Writeups\nWeb: Philanthropy\nForensics: 1black0white\nIntro: whataxor\nCrypto: Mental Poker\nIncident Response: What is going on?\nIncident Response: Initial Access", "trust": 0.1, "url": "https://github.com/austinstitz-hacking/csaw23qual " }, { "title": "https://github.com/warren2i/MSDT_Doc_generator", "trust": 0.1, "url": "https://github.com/warren2i/msdt_doc_generator " }, { "title": "CVE-2022-30190-follina", "trust": 0.1, "url": "https://github.com/drgreenthumb93/cve-2022-30190-follina " }, { "title": "cve-2022-30190", "trust": 0.1, "url": "https://github.com/paddlingcode/cve-2022-30190 " }, { "title": "MS-MSDT_Office_RCE_Follina\nExploit DIY\nReference", "trust": 0.1, "url": "https://github.com/riki744/ms-msdt_office_rce_follina " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/itmarcin2211/cve-2022-30190 " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/meowhua15/cve-2022-30190 " }, { "title": "msdt-follina-office", "trust": 0.1, "url": "https://github.com/kdk2933/msdt-cve-2022-30190 " }, { "title": "MS-MSDT-Office-RCE-Follina", "trust": 0.1, "url": "https://github.com/achocolatechippancake/ms-msdt-office-rce-follina " }, { "title": "FOLLINA-CVE-2022-30190", "trust": 0.1, "url": "https://github.com/toxicenvelope/follina-cve-2022-30190 " }, { "title": "Better With Reg \ud83e\uddca", "trust": 0.1, "url": "https://github.com/pedrojosawczuk/betterwithreg " }, { "title": "go_follina", "trust": 0.1, "url": "https://github.com/lucaskrell/go_follina " }, { "title": "Exploits scripts - (In Progress)", "trust": 0.1, "url": "https://github.com/amitniz/exploits " }, { "title": "FollinaExtractor", "trust": 0.1, "url": "https://github.com/malwaretech/follinaextractor " }, { "title": "Follina Proof of Concept (CVE-2022-30190)\nUsage", "trust": 0.1, "url": "https://github.com/tiepologian/follina " }, { "title": "cve-2022-30190", "trust": 0.1, "url": "https://github.com/rickhenderson/cve-2022-30190 " }, { "title": "CVE-2022-30190-POC", "trust": 0.1, "url": "https://github.com/mitespsoc/cve-2022-30190-poc " }, { "title": "CVE-2022-30190 - Microsoft Support Diagnostic Tool", "trust": 0.1, "url": "https://github.com/joshuavanderpoll/cve-2022-30190 " }, { "title": "follina-CVE-2022-30190", "trust": 0.1, "url": "https://github.com/cerebrovinny/follina-cve-2022-30190 " }, { "title": "CVE-2022-30190 (Follina)", "trust": 0.1, "url": "https://github.com/winstxnhdw/cve-2022-30190 " }, { "title": "Follina-attack-CVE-2022-30190-", "trust": 0.1, "url": "https://github.com/imeneallouche/follina-attack-cve-2022-30190- " }, { "title": "Follina-CVE-2022-30190-Sample-by-ethical-blue\nVersion history\nFeatures", "trust": 0.1, "url": "https://github.com/ethicalblue/follina-cve-2022-30190-poc-sample " }, { "title": "Follina Exploiter CLI Tool MSDT Vulnerability (CVE-2022-30190)", "trust": 0.1, "url": "https://github.com/0xabbarhsf/follinaxploit " }, { "title": "Cve-2022-30190", "trust": 0.1, "url": "https://github.com/anonymouss1276/cve-2022-30190 " }, { "title": "PyRATE documentation", "trust": 0.1, "url": "https://github.com/g4vr0ch3/pyrate " }, { "title": "POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina", "trust": 0.1, "url": "https://github.com/jmousqueton/poc-cve-ms-office-rce " }, { "title": "POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina", "trust": 0.1, "url": "https://github.com/jmousqueton/poc-cve-2022-30190 " }, { "title": "CVE-2022-30190 MS-MSDT Using Follina Attack Vector\nHow It Entered The Radar?\nExplanation Of The Exploit\nHow far Could This Exploit Go Further In The Wild?\nMitigation Suggestions\nConclusion\nReferences", "trust": 0.1, "url": "https://github.com/kocdeniz/msdt-poc " }, { "title": "MSDT_CVE-2022-30190", "trust": 0.1, "url": "https://github.com/archanchoudhury/msdt_cve-2022-30190 " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/gyaansastra/cve2022-30190 " }, { "title": "Windows e TI\nLicen\u00e7a\nCorre\u00e7\u00f5es n\u00e3o oficiais\nAplicativos\nExtens\u00f5es Chrome\nSuporte", "trust": 0.1, "url": "https://github.com/chacalbl4ck/meurepositorio " }, { "title": "https://github.com/cybercy/cybercy", "trust": 0.1, "url": "https://github.com/cybercy/cybercy " }, { "title": "Cve-2022-30190", "trust": 0.1, "url": "https://github.com/dianaross20/cve-2022-30190 " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/flux10n/cve-2022-30190 " }, { "title": "IMPORTANT", "trust": 0.1, "url": "https://github.com/arozx/cve-2022-30190 " }, { "title": "Follina Exploiter CLI Tool MSDT Vulnerability (CVE-2022-30190)", "trust": 0.1, "url": "https://github.com/hrishikesh7665/follina_exploiter_cli " }, { "title": "MS-MSDT-Proactive-remediation", "trust": 0.1, "url": "https://github.com/terryb8s/ms-msdt-proactive-remediation " }, { "title": "PyRATE documentation", "trust": 0.1, "url": "https://github.com/petitprinc3/pyrate " }, { "title": "AmzWord\nRequirements\nUsage \u0026 attack process\nRemark", "trust": 0.1, "url": "https://github.com/jump-wang-111/amzword " }, { "title": "MSDT_CVE-2022-30190-follina-", "trust": 0.1, "url": "https://github.com/aymankhder/msdt_cve-2022-30190-follina- " }, { "title": "CVE 30190\nEnvironnement\nExploit\nExamples", "trust": 0.1, "url": "https://github.com/aminetitrofine/cve-2022-30190 " }, { "title": "DisableMS-MSDT", "trust": 0.1, "url": "https://github.com/kkarani1/disablems-msdt " }, { "title": "Follina-CVE-2022-30190 Proof of Concept by Nee", "trust": 0.1, "url": "https://github.com/itsnee/folina-cve-2022-30190-poc- " }, { "title": "Deathnote\nUsage\nExamples", "trust": 0.1, "url": "https://github.com/malwareman007/deathnote " }, { "title": "CVE Puller", "trust": 0.1, "url": "https://github.com/ransomsec/cvepuller " }, { "title": "msdt-follina-office", "trust": 0.1, "url": "https://github.com/kdk2933/msdt-follina-office " }, { "title": "follina_cve_2022-30190", "trust": 0.1, "url": "https://github.com/amitniz/follina_cve_2022-30190 " }, { "title": "CVE-2022-30190_EXP_PowerPoint", "trust": 0.1, "url": "https://github.com/gra3s/cve-2022-30190-powerpoint " }, { "title": "dogwalk", "trust": 0.1, "url": "https://github.com/reubensammut/dogwalk " }, { "title": "Follina", "trust": 0.1, "url": "https://github.com/abhirules27/follina " }, { "title": "Threat Hunting Simulator Using Graylog", "trust": 0.1, "url": "https://github.com/cadengh/threathunter " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/ernestak/cve-2022-30190 " }, { "title": "CVE-2022-30190_EXP_PowerPoint", "trust": 0.1, "url": "https://github.com/gra3s/cve-2022-30190-follina-powerpoint-version " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/derziad/cve-2022-30190 " }, { "title": "Follina-CVE-2022-30190-Sample-by-ethical-blue\nVersion history\nFeatures", "trust": 0.1, "url": "https://github.com/ethicalblue/follina-cve-2022-30190-sample " }, { "title": "https://github.com/gamingwithevets/msdt-disable", "trust": 0.1, "url": "https://github.com/gamingwithevets/msdt-disable " }, { "title": "\ud83e\ude79CVE-2022-30190 Temporary Fix\ud83e\ude79 (Source Code)", "trust": 0.1, "url": "https://github.com/srcroqueta/cve-2022-30190_temporary_fix_source_code " }, { "title": "msdt-follina", "trust": 0.1, "url": "https://github.com/iamvsm/msdt-follina " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/k508/cve-2022-30190 " }, { "title": "Windows-0-Day-Automated-fix", "trust": 0.1, "url": "https://github.com/oymarcel/windows-0-day-automated-fix " }, { "title": "Follina zero day office exploit patch for Windows 10", "trust": 0.1, "url": "https://github.com/hereticerik/follina-patch " }, { "title": "FollinaScanner", "trust": 0.1, "url": "https://github.com/errornointernet/follinascanner " }, { "title": "MSDT Patcher, a.k.a. CVE-2022-30190-NSIS", "trust": 0.1, "url": "https://github.com/rouben/cve-2022-30190-nsis " }, { "title": "Financial Cyber Drill 2022 - Writeup", "trust": 0.1, "url": "https://github.com/ruefulrobin/findrill2022 " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/onecloudemoji/cve-2022-30190 " }, { "title": "Five Nights at Follina\u0027s\nDisclaimer\nOffensive Tools\nDefensive Tools\nUsing Example Payloads", "trust": 0.1, "url": "https://github.com/jeffymcjeffface/five-nights-at-follina-s " }, { "title": "https://github.com/SilentExploitx/SilentExploit", "trust": 0.1, "url": "https://github.com/silentexploitx/silentexploit " }, { "title": "\ud83e\ude79CVE-2022-30190 Temporary Fix\ud83e\ude79", "trust": 0.1, "url": "https://github.com/srcroqueta/cve-2022-30190_temporary_fix " }, { "title": "Follina - CVE-2022-30190", "trust": 0.1, "url": "https://github.com/wesyhub/cve-2022-30190---follina---poc-exploit " }, { "title": "Rapid7_InsightVM", "trust": 0.1, "url": "https://github.com/cm101995/rapid7_insightvm " }, { "title": "follina-CVE-2022-30190", "trust": 0.1, "url": "https://github.com/notherealhazard/follina-cve-2022-30190 " }, { "title": "Follina Web Server", "trust": 0.1, "url": "https://github.com/nodeblue/follina " }, { "title": "https://github.com/LissanKoirala/LissanKoirala", "trust": 0.1, "url": "https://github.com/lissankoirala/lissankoirala " }, { "title": "msdt-follina-office-rce", "trust": 0.1, "url": "https://github.com/zkl21hoang/msdt-follina-office-rce " }, { "title": "CVE-2022-30190_EXP_PowerPoint", "trust": 0.1, "url": "https://github.com/gra3s/cve-2022-30190_exp_powerpoint " }, { "title": "ProductionFollinaWorkaround", "trust": 0.1, "url": "https://github.com/mh4tter/productionfollinaworkaround " }, { "title": "Follina MS-MSDT exploitation with Spring Boot", "trust": 0.1, "url": "https://github.com/dsibilio/follina-spring " }, { "title": "Proof of Concept of the original SekiganWare Malware, source code not avaliable anymore...", "trust": 0.1, "url": "https://github.com/cryxnet/sekiganware " }, { "title": "CVE-2022-30190", "trust": 0.1, "url": "https://github.com/hscorpion/cve-2022-30190 " }, { "title": "IMPORTANT", "trust": 0.1, "url": "https://github.com/arozx/cve-2022-30910 " }, { "title": "NOTE\nUSAGE", "trust": 0.1, "url": "https://github.com/yannikg/tsbe-cybersec-follina " }, { "title": "Follina-CVE-2022-30190 Proof of Concept by Nee", "trust": 0.1, "url": "https://github.com/itsnee/follina-cve-2022-30190-poc " }, { "title": "https://github.com/thanhtranntkh/SMDT-fix", "trust": 0.1, "url": "https://github.com/thanhtranntkh/smdt-fix " }, { "title": "Follina-CVE-2022-30190 Proof of Concept by Nee", "trust": 0.1, "url": "https://github.com/itsnee/folina-cve-2022-30190-poc " }, { "title": "Follina-Remediation\nThis repo has been archived since Microsoft published official fixes. See https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190 for specifics", "trust": 0.1, "url": "https://github.com/cosmo121/follina-remediation " }, { "title": "Follina workaround (CVE-2022-30190)", "trust": 0.1, "url": "https://github.com/sentrium-security/follina-workaround-cve-2022-30190 " }, { "title": "Liens pouvant \u00eatre utiles", "trust": 0.1, "url": "https://github.com/java-printemps/.github " }, { "title": "https://github.com/Muhammad-Ali007/Follina_MSDT_CVE-2022-30190", "trust": 0.1, "url": "https://github.com/muhammad-ali007/follina_msdt_cve-2022-30190 " }, { "title": "Symantec Threat Intelligence Blog", "trust": 0.1, "url": "https://www.symantec.com/blogs/threat-intelligence/follina-msdt-exploit-malware" }, { "title": "Securelist", "trust": 0.1, "url": "https://securelist.com/it-threat-evolution-in-q3-2022-non-mobile-statistics/107963/" }, { "title": "Securelist", "trust": 0.1, "url": "https://securelist.com/it-threat-evolution-q2-2022/107099/" }, { "title": "Securelist", "trust": 0.1, "url": "https://securelist.com/it-threat-evolution-in-q2-2022-non-mobile-statistics/107133/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/microsoft-patches-dogwalk-zero-day-and-17-critical-flaws/180378/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/fancy-bear-nuke-threat-lure/180056/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/follina-exploited-by-state-sponsored-hackers/179890/" }, { "title": "Securelist", "trust": 0.1, "url": "https://securelist.com/cve-2022-30190-follina-vulnerability-in-msdt-description-and-counteraction/106703/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/microsoft-workaround-0day-attack/179776/" }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2022/06/09/qbot-malware-microsoft-follina/" }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2022/06/09/symantec-follina-microsoft/" }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2022/06/15/microsoft_patch_tuesday/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-30190" }, { "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "db": "CNNVD", "id": "CNNVD-202205-4277" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-610", "trust": 1.0 }, { "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "db": "NVD", "id": "CVE-2022-30190" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://packetstormsecurity.com/files/167438/microsoft-office-word-msdtjs-code-execution.html" }, { "trust": 1.7, "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2022-30190" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30190" }, { "trust": 0.8, "url": "https://www.ipa.go.jp/security/ciadr/vul/20220615-ms.html" }, { "trust": 0.8, "url": "https://www.jpcert.or.jp/at/2022/at220016.html" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2022060034" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2022060003" }, { "trust": 0.6, "url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-30190" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/167313/microsoft-follina-proof-of-concept.html" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/microsoft-office-code-execution-via-msdt-38468" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022053005" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/610.html" }, { "trust": 0.1, "url": "https://www.theregister.co.uk/2022/06/09/qbot-malware-microsoft-follina/" }, { "trust": 0.1, "url": "https://threatpost.com/follina-exploited-by-state-sponsored-hackers/179890/" }, { "trust": 0.1, "url": "https://github.com/ekamsinghwalia/follina-msdt-vulnerability-cve-2022-30190-" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-30190" }, { "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "db": "CNNVD", "id": "CNNVD-202205-4277" }, { "db": "NVD", "id": "CVE-2022-30190" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2022-30190" }, { "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "db": "CNNVD", "id": "CNNVD-202205-4277" }, { "db": "NVD", "id": "CVE-2022-30190" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-06-01T00:00:00", "db": "VULMON", "id": "CVE-2022-30190" }, { "date": "2023-02-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "date": "2022-05-30T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-4277" }, { "date": "2022-06-01T20:15:07.983000", "db": "NVD", "id": "CVE-2022-30190" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-12-20T00:00:00", "db": "VULMON", "id": "CVE-2022-30190" }, { "date": "2023-02-15T01:52:00", "db": "JVNDB", "id": "JVNDB-2022-003352" }, { "date": "2022-06-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-4277" }, { "date": "2024-06-28T14:14:37.327000", "db": "NVD", "id": "CVE-2022-30190" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-4277" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Microsoft\u00a0Windows\u00a0 Product Remote Code Execution Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-003352" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "operating system commend injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-4277" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.