CVE-2022-34715: Windows Network File System Remote Code Execution Vulnerability

Overview

Severity

Critical (CVSS 9.8)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Remote Code Execution

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2022-Aug

Released

2022-08-09

EPSS Score

38.92% (percentile: 97.3%)

FAQ

How could an attacker exploit this vulnerability? This vulnerability could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE). What version of Network File System (NFS) is affected by this vulnerability? Servers that have Network File System version 4.0 (NFS 4.0) installed are affected by this vulnerability. I am running a supported version of Windows Server. Is my system vulnerable to this issue? This vulnerability is only exploitable for systems that have the NFS role enabled. See NFS Overview for more information on this feature. More information on installing or uninstalling Roles or Role Services is available here.

Detection & Weaponization (1 sources)

Maturity: Exploit

• GitHub PoC: 1 repositories

Affected Products (2)

Windows

• Windows Server 2022
• Windows Server 2022 (Server Core installation)

Security Updates (1)

• 5016627

Acknowledgments

Arimura

Revision History

• 2022-08-09: Information published.