PT-2022-4788 · Microsoft · Windows Common Log File System Driver+1
Genwei Jiang
+1
·
Published
2022-09-13
·
Updated
2024-11-24
·
CVE-2022-37969
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Windows Common Log File System Driver versions prior to 10.0.10240.19444
Windows Common Log File System Driver versions prior to 10.0.14393.5356
Windows Common Log File System Driver versions prior to the fixed version
Description
The issue is related to a buffer overflow in memory, allowing an attacker to execute arbitrary code with system privileges. This can lead to an elevation-of-privilege vulnerability, affecting the system.
Recommendations
For versions prior to 10.0.10240.19444, update to a version that includes the fix for this issue.
For versions prior to 10.0.14393.5356, update to a version that includes the fix for this issue.
For all affected versions, consider restricting access to the vulnerable driver until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
LPE
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows Common Log File System Driver