25th May 2022

Network File System Remote Code Execution Vulnerability – CVE-2022-26923

Microsoft published a critical security vulnerability with CVSS V3.1 Score 9.8 that will cause remote code execution in Network File System (NFS). A critical classified vulnerability has been found in Microsoft Windows. Affected is an unknown function of the Active Directory Domain Services component.

How Does the Vulnerability Affect?

An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows machine, which could allow remote code execution. Although there is no exploit detection for the published vulnerability, it is thought that attackers can produce exploit codes by examining and working on this fix, since it has released a security vulnerability and a patch.

Affected Systems

Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows Server, version 20H2 (Server Core Installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019

Solution and CVE/CWE

CVE/CWE: CVE-2022-26923

The patch link published by Microsoft regarding the vulnerability is below. Nessus has a plugin for vulnerability detection.

Patch link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26937

Note: Those with CVSS 3.1 scores of 7.0-8.9 (out of 10) are considered “high”, and those with 9.0-10.0 are considered “critical”.

LEARN MORE  Microsoft Exchange Server Remote Code Execution Vulnerability - CVE-2021-34473

Reference:

Leave a Reply

Your email address will not be published. Required fields are marked *