VDB
CVE-2022-37992
CVE-2022-37992
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Windows Group Policy Elevation of Privilege Vulnerability
EPSS 0.89% · 76.0th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.89%
76.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_server_2008 | r2 |
| microsoft | windows_rt_8.1 | |
| microsoft | windows_server_2019 | |
| microsoft | windows_8.1 | |
| microsoft | windows_7 | |
| microsoft | windows_10 | 1809, 1607, 22h2 |
| microsoft | windows_server_2016 | |
| microsoft | windows_server_2022 | |
| microsoft | windows_11 | * |
| microsoft | windows_server_2012 | r2 |
Exploit Intelligence
- https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
- CVE-2022-41120_v2.yar (github-yara)
- CVE-2022-41120_v2.yar (github-yara)
- CVE-2022-41120_v2.yar (github-yara)
- CVE-2022-41120_v2.yar (github-yara)
Timeline
- Nov 8, 2022 CVE Published
- Nov 10, 2022 EPSS Score
- Dec 7, 2022 PoC Published
- Dec 23, 2022 EPSS Score
- Feb 4, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 19, 2023 EPSS Score
- May 1, 2023 EPSS Score
- Jun 13, 2023 EPSS Score
- Jul 26, 2023 EPSS Score
- Oct 20, 2023 EPSS Score
- Dec 2, 2023 EPSS Score