CVE-2022-33633 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-33633 PUBLISHED CVSS 7.199999809265137 HIGH

Skype for Business and Lync Remote Code Execution Vulnerability

EPSS 6.30% · 90.9th percentile

Risk Scores

CVSS v3.1

7.199999809265137

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

EPSS Score

6.30%

90.9th percentile

Affected Products

Vendor	Product	Versions
Microsoft	N/A
Microsoft	Microsoft Lync Server 2013 CU10	8308.0
microsoft	skype_for_business	2019, 2015
microsoft	skype_for_business_server	9319.0, 2046.0
Microsoft	Skype for Business Server 2015 CU12	9319.0
microsoft	lync_server	2013, 8308.0
Microsoft	Skype for Business Server 2019 CU6	2046.0

Timeline

Jul 12, 2022 CVE Published
Jul 13, 2022 EPSS Score
Jul 21, 2022 EPSS Score
Oct 15, 2022 EPSS Score
Dec 1, 2022 EPSS Score
Mar 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Jun 5, 2023 EPSS Score
Jul 21, 2023 EPSS Score
Oct 22, 2023 EPSS Score
Dec 8, 2023 EPSS Score
Jan 23, 2024 EPSS Score

References

https://msrc.microsoft.com/update-guide/ advisory
Skype for Business and Lync Remote Code Execution Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2022-33633 advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33633 url

Open in Interactive Console →