Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-35756
7.8HIGH
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 31 May 2023
Summary
A vulnerability in the Windows Kerberos authentication system could allow an attacker to elevate their privileges within a security context. By exploiting this flaw, unauthorized users may gain elevated access to sensitive resources or perform actions that require higher privileges than those assigned to them, which may lead to further system compromise. Organizations are advised to apply the necessary security updates promptly.
Affected Version(s)
Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.19387
Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.5291
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.3287
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database