Published: 10/05/2022 Updated: 18/05/2022

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Remote Procedure Call Runtime Remote Code Execution Vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 10 -
microsoft windows 10 1607
microsoft windows server 2008 r2
microsoft windows 7 -
microsoft windows server 2012 r2
microsoft windows server 2016 -
microsoft windows rt 8.1 -
microsoft windows 10 20h2
microsoft windows 10 21h1
microsoft windows 10 1809
microsoft windows 10 1909
microsoft windows 11 -
microsoft windows 8.1 -
microsoft windows server 2008 sp2
microsoft windows server 2012 -
microsoft windows server 2019 -
microsoft windows 10 21h2
microsoft windows server 2022

CVE-2022-26809 RCE Exploit CVE description CVE-2022-26809 - weakness in a core Windows component (RPC) earned a CVSS score of 98 not without a reason, as the attack does not require authentication and can be executed remotely over a network, and can result in remote code execution (RCE) with the privileges of the RPC service, which depends on the process hosting the RPC runtim

Actively Exploited Zero-Day Bug Patched by Microsoft

Threatpost • Elizabeth Montalbano • 11 May 2022

Microsoft has revealed 73 new patches for May’s monthly update of security fixes, including a patch for one flaw–a zero-day Windows LSA Spoofing Vulnerability rated as “important”—that is currently being exploited with man-in-the-middle attacks.
The software giant’s monthly update of patches that comes out every second Tuesday of the month–known as Patch Tuesday—also included fixes for seven “critical” flaws, 65 others rated as “important,” and one rated as “low.�...

CVE-2022-22019

Vulnerability Summary

Most Upvoted Vulmon Research Post

Vulnerability Trend

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect