9.8
CVSSv3

CVE-2022-26937

Published: 10/05/2022 Updated: 23/05/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Windows Network File System Remote Code Execution Vulnerability.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2008 r2

microsoft windows server 2012 r2

microsoft windows server 2016 -

microsoft windows server 2012 -

microsoft windows server 2019 -

microsoft windows server 2008 sp2

microsoft windows server 2022

microsoft windows server 20h2

Github Repositories

Windows Network File System Crash PoC CVE-2022-26937 nt!KeBugCheckEx: fffff803`8996efa0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffd000`d589ae60=0000000000000139 1: kd> !analyze -v ******************************************************************************* * * *

CVE-2022-26937 A package to detect CVE-2022-26937, a vulnerability in Microsoft's NFS implementation Example You can run this logic on the included PCAP in the testing\traces directory: $ zeek -Cr CVE-2022-26937-exploitedpcap ~/Source/CVE-2022-26937/scripts/__load__zeek $ cat noticelog #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path notice

Windows Network File System Crash PoC CVE-2022-26937 nt!KeBugCheckEx: fffff803`8996efa0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffd000`d589ae60=0000000000000139 1: kd> !analyze -v ******************************************************************************* * * *

Recent Articles

Actively Exploited Zero-Day Bug Patched by Microsoft
Threatpost • Elizabeth Montalbano • 11 May 2022

Microsoft has revealed 73 new patches for May’s monthly update of security fixes, including a patch for one flaw–a zero-day Windows LSA Spoofing Vulnerability rated as “important”—that is currently being exploited with man-in-the-middle attacks.
The software giant’s monthly update of patches that comes out every second Tuesday of the month–known as Patch Tuesday—also included fixes for seven “critical” flaws, 65 others rated as “important,” and one rated as “low....

Microsoft closes Windows LSA hole under active attack
The Register • Jessica Lyons Hardcastle • 01 Jan 1970

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Plus many more flaws. And Adobe, Android, SAP join the bug-squashing frenzy

Microsoft patched 74 security flaws in its May Patch Tuesday batch of updates. That's seven critical bugs, 66 deemed important, and one ranked low severity.
At least one of the vulnerabilities disclosed is under active attack with public exploit code, according to Redmond, while two others are listed as having public exploit code.
After April's astonishing 100-plus vulnerabilities, May's patching event seems tame by comparison. However, "this month makes up for it in severity and inf...

Microsoft fixes under-attack Windows zero-day Follina
The Register • Jessica Lyons Hardcastle • 01 Jan 1970

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Plus: Intel, AMD react to Hertzbleed data-leaking holes in CPUs

Patch Tuesday Microsoft claims to have finally fixed the Follina zero-day flaw in Windows as part of its June Patch Tuesday batch, which included security updates to address 55 vulnerabilities.
Follina, eventually acknowledged by Redmond in a security advisory last month, is the most significant of the bunch as it has already been exploited in the wild.
Criminals and snoops can abuse the remote code execution (RCE) bug, tracked as CVE-2022-30190, by crafting a file, such as a Word do...