PT-2021-7273 · Microsoft · Windows Point-To-Point Protocol+1

Yuki Chen

Published

2021-08-09

Updated

2025-03-28

CVE-2022-35744

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows Point-to-Point Protocol (PPP) (affected versions not specified)

Description The issue is related to a vulnerability in the implementation of the Point-to-Point Protocol (PPP) that allows for the sending of a specially crafted request to the Remote Access Service (RAS) server. This can enable a remote attacker to execute arbitrary code. The vulnerability can be exploited by remote attackers, potentially affecting the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2022-04968

CVE-2022-35744

Affected Products

Windows

Windows Point-To-Point Protocol

PT-2021-7273 · Microsoft · Windows Point-To-Point Protocol+1

CVE-2022-35744

Weakness Enumeration

Related Identifiers

Affected Products

References · 11