PT-2022-23883 · Microsoft · Windows

Todo

Published

2022-12-09

Updated

2025-04-22

CVE-2022-3724

CVSS v3.1

6.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Wireshark versions 3.6.0 through 3.6.8

Description The issue is related to a crash in the USB HID protocol dissector, allowing denial of service via packet injection or crafted capture file on Windows.

Recommendations For Wireshark versions 3.6.0 through 3.6.8, update to a version that contains a fix for this issue to prevent denial of service attacks.

Exploit

Fix

DoS

Use of Externally-Controlled Format String

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-134

Related Identifiers

CVE-2022-3724

OESA-2023-1094

OESA-2023-1115

Affected Products

Windows

PT-2022-23883 · Microsoft · Windows

CVE-2022-3724

Weakness Enumeration

Related Identifiers

Affected Products

References · 23