CVE-2022-30144: Windows Bluetooth Service Remote Code Execution Vulnerability

Overview

Severity

High (CVSS 7.5)

CVSS Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Remote Code Execution

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2022-Aug

Released

2022-08-09

EPSS Score

1.09% (percentile: 77.9%)

FAQ

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability? This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include the same shared physical network (such as Bluetooth or IEEE 802.11), logical network (local IP subnet), or from within a secure or otherwise limited administrative domain (MPLS, secure VPN to an administrative network zone). This is common to many attacks that require machine-in-the-middle (MITM) type setups or that rely on initially gaining a foothold in another environment. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.

Affected Products (20)

Windows

• Windows 10 Version 1809 for 32-bit Systems
• Windows 10 Version 1809 for x64-based Systems
• Windows 10 Version 1809 for ARM64-based Systems
• Windows 10 Version 21H1 for x64-based Systems
• Windows 10 Version 21H1 for ARM64-based Systems
• Windows 10 Version 21H1 for 32-bit Systems
• Windows 10 Version 20H2 for 32-bit Systems
• Windows 10 Version 20H2 for ARM64-based Systems
• Windows 11 version 21H2 for x64-based Systems
• Windows 11 version 21H2 for ARM64-based Systems
• Windows 10 Version 21H2 for 32-bit Systems
• Windows 10 Version 21H2 for ARM64-based Systems
• Windows 10 Version 21H2 for x64-based Systems
• Windows 10 for 32-bit Systems
• Windows 10 for x64-based Systems
• Windows 10 Version 1607 for 32-bit Systems
• Windows 10 Version 1607 for x64-based Systems
• Windows 8.1 for 32-bit systems
• Windows 8.1 for x64-based systems
• Windows RT 8.1

Security Updates (7)

• 5016623
• 5016616
• 5016629
• 5016639
• 5016622
• 5016681
• 5016683

Acknowledgments

Fernando Perera with <a href="https://www.layakk.com/">LAYAKK</a>, <a href="https://www.layakk.com/">Jose Pico</a> with <a href="https://www.layakk.com/">LAYAKK</a>

Revision History

• 2022-08-09: Information published.