CVE-2022-41125

Risk Scores

Exploit Intelligence

• https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
• CNG Key Isolation Service elevation of privilege (Microsoft Windows) (gpz)
• CNG Key Isolation Service elevation of privilege (Microsoft Windows) (gpz)
• CNG Key Isolation Service elevation of privilege (Microsoft Windows) (gpz)
• CNG Key Isolation Service elevation of privilege (Microsoft Windows) (gpz)
• CNG Key Isolation Service elevation of privilege (Microsoft Windows) (gpz)
• CNG Key Isolation Service elevation of privilege (Microsoft Windows) (gpz)
• CVE-2022-41120_v2.yar (github-yara)
• CVE-2022-41120_v2.yar (github-yara)
• CVE-2022-41120_v2.yar (github-yara)

…and 21 more exploits

Timeline

• Nov 8, 2022 CISA KEV Added
• Nov 8, 2022 PoC Published
• Nov 8, 2022 CVE Published
• Nov 10, 2022 EPSS Score
• Dec 7, 2022 PoC Published
• Dec 23, 2022 EPSS Score
• Feb 4, 2023 EPSS Score
• Mar 19, 2023 EPSS Score
• May 1, 2023 EPSS Score
• Jun 13, 2023 EPSS Score
• Jul 26, 2023 EPSS Score
• Oct 20, 2023 EPSS Score

References

• https://msrc.microsoft.com/update-guide/ advisory