PowerShell Remote Code Execution Vulnerability
CVE-2022-41076

8.5HIGH

Key Information:

Vendor
Microsoft
Status
Powershell 7.2
Powershell 7.3
Windows 10 Version 1809
Windows Server 2019
Vendor
CVE Published:
13 December 2022

Badges

👾 Exploit Exists🟣 EPSS 35%

Summary

PowerShell Remote Code Execution Vulnerability

Affected Version(s)

PowerShell 7.2 Unknown 7.2.0 < 7.2.8

PowerShell 7.3 Unknown 7.3.0 < 7.3.1

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.19624

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

EPSS Score

35% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.