Windows LSA Spoofing Vulnerability
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HMicrosoft Windows 10 1507
OSMicrosoft< 10.0.10240.19297Microsoft Windows 10 1607
OSMicrosoft< 10.0.14393.5125Microsoft Windows 10 1809
OSMicrosoft< 10.0.17763.2928Microsoft Windows 10 1909
OSMicrosoft< 10.0.18363.2274Microsoft Windows 10 20h2
OSMicrosoft< 10.0.19042.1706Microsoft Windows 10 21h1
OSMicrosoft< 10.0.19043.1706Microsoft Windows 10 21h2
OSMicrosoft< 10.0.19044.1706Microsoft Windows 11 21h2
OSMicrosoft< 10.0.22000.675Microsoft Windows 7
OSMicrosoftwszystkie wersjeMicrosoft Windows 8.1
OSMicrosoftwszystkie wersjeMicrosoft Windows Rt 8.1
OSMicrosoftwszystkie wersjeMicrosoft Windows Server 2008
OSMicrosoftr2Microsoft Windows Server 2012
OSMicrosoftr2Microsoft Windows Server 2016
OSMicrosoft< 10.0.14393.5125Microsoft Windows Server 2019
OSMicrosoft< 10.0.17763.2928Microsoft Windows Server 2022
OSMicrosoft< 10.0.20348.707Microsoft Windows Server 20h2
OSMicrosoft< 10.0.19042.1706
CISA KEV — detailsi
- Vendori
- Microsoft ↗
- Producti
- Windows
- Added to KEVi
- July 1, 2022
- Remediation deadline (US Federal)i
- July 22, 2022(overdue)
Apply remediation actions outlined in CISA guidance [https://www.cisa.gov/guidance-applying-june-microsoft-patch].
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.
Related vulnerabilities
RCE w Windows Server Update Service (WSUS) — deserializacja danych
HTTP Protocol Stack Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly ...
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly val...
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) ...