CVE-2022-29134: Windows Clustered Shared Volume Information Disclosure Vulnerability

Overview

Severity

Medium (CVSS 6.5)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C

Category

Information Disclosure

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2022-May

Released

2022-05-10

EPSS Score

0.64% (percentile: 70.6%)

FAQ

What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

Affected Products (9)

Windows

• Windows Server 2019
• Windows Server 2019 (Server Core installation)
• Windows Server 2022
• Windows Server 2022 (Server Core installation)
• Windows Server, version 20H2 (Server Core Installation)
• Windows Server 2016
• Windows Server 2016 (Server Core installation)

ESU

• Windows Server 2012 R2
• Windows Server 2012 R2 (Server Core installation)

Security Updates (6)

• 5013941
• 5013944
• 5013942
• 5013952
• 5014011
• 5014001

Acknowledgments

k0shl with Kunlun Lab

Revision History

• 2022-05-10: Information published.