CVE-2022-21970: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Overview

Severity

Medium (CVSS 6.1)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C

Category

Edge - Chromium

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2022-Jan

Released

2022-01-06

EPSS Score

1.99% (percentile: 83.6%)

FAQ

What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 97.0.1072.55 1/6/2022 97.0.4692.71

Detection & Weaponization (1 sources)

Maturity: Exploit

• GitHub PoC: 1 repositories

Affected Products (1)

Browser

• Microsoft Edge (Chromium-based)

Acknowledgments

<a href="https://www.daviderceg.com/">David Erceg</a>

Revision History

• 2022-01-06: Information published.