PT-2022-20613 · Microsoft · Windows Firewall

Published

2022-05-20

Updated

2022-06-01

CVE-2022-31215

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Goverlan Reach Console versions prior to 10.5.1 Goverlan Reach Server versions prior to 3.70.1 Goverlan Reach Client Agents versions prior to 10.1.11

Description The issue allows remote attackers to bypass Windows Firewall blocking rules for up to 30 seconds during a Goverlan agent update operation, as the firewall is temporarily turned off.

Recommendations For Goverlan Reach Console versions prior to 10.5.1, update to version 10.5.1 or later. For Goverlan Reach Server versions prior to 3.70.1, update to version 3.70.1 or later. For Goverlan Reach Client Agents versions prior to 10.1.11, update to version 10.1.11 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-31215

Affected Products

Windows Firewall

PT-2022-20613 · Microsoft · Windows Firewall

CVE-2022-31215

Related Identifiers

Affected Products

References · 5