Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-35756

7.8HIGH

Summary

A vulnerability in the Windows Kerberos authentication system could allow an attacker to elevate their privileges within a security context. By exploiting this flaw, unauthorized users may gain elevated access to sensitive resources or perform actions that require higher privileges than those assigned to them, which may lead to further system compromise. Organizations are advised to apply the necessary security updates promptly.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.19387

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.5291

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.3287

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.