CVE-2022-32230

high-risk
Published 2022-06-14

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.

Do I need to act?

!
28.8% chance of exploitation in next 30 days
EPSS score — higher than 71% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (6)

Affected Vendors

Microsoft

References (8)

Exploit https://github.com/zeroSteiner/metasploit-framework/blob/feat/mod/cve-2022-32230...
Patch https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-32230
Patch https://support.microsoft.com/en-us/topic/may-10-2022-kb5013942-os-builds-19042-...
Exploit https://www.rapid7.com/blog/post/2022/06/14/cve-2022-32230-windows-smb-denial-of...
Exploit https://github.com/zeroSteiner/metasploit-framework/blob/feat/mod/cve-2022-32230...
Patch https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-32230
Patch https://support.microsoft.com/en-us/topic/may-10-2022-kb5013942-os-builds-19042-...
Exploit https://www.rapid7.com/blog/post/2022/06/14/cve-2022-32230-windows-smb-denial-of...
54
/ 100
high-risk
Severity 26/34 · High
Exploitability 15/34 · Moderate
Exposure 13/34 · Low