PT-2022-4787 · Microsoft · Windows

Quan Luo

Published

2022-09-13

Updated

2025-04-11

CVE-2022-34718

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows versions prior to the fixed version

Description The vulnerability is related to errors in handling input data in the implementation of the TCP/IP protocol in Windows operating systems. This issue allows a remote attacker to execute arbitrary code and affect the system.

Recommendations As a temporary workaround, consider disabling the vulnerable TCP/IP protocol until a patch is available. Restrict access to the vulnerable TCP/IP module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2022-05728

CVE-2022-34718

Affected Products

Windows

PT-2022-4787 · Microsoft · Windows

CVE-2022-34718

Weakness Enumeration

Related Identifiers

Affected Products

References · 23