Microsoft published a critical security vulnerability with CVSS V3.1 Score 9.8 that will cause remote code execution in Network File System (NFS). A critical classified vulnerability has been found in Microsoft Windows. Affected is an unknown function of the Active Directory Domain Services component.
How Does the Vulnerability Affect?
An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows machine, which could allow remote code execution. Although there is no exploit detection for the published vulnerability, it is thought that attackers can produce exploit codes by examining and working on this fix, since it has released a security vulnerability and a patch.
Affected Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows Server, version 20H2 (Server Core Installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Solution and CVE/CWE
CVE/CWE: CVE-2022-26923
The patch link published by Microsoft regarding the vulnerability is below. Nessus has a plugin for vulnerability detection.
Patch link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26937
Note: Those with CVSS 3.1 scores of 7.0-8.9 (out of 10) are considered “high”, and those with 9.0-10.0 are considered “critical”.
Reference: