Описание
Windows Network File System Remote Code Execution Vulnerability
FAQ
I am running a supported version of Windows Server. Is my system vulnerable to this issue?
This vulnerability is only exploitable for systems that have the NFS role enabled. See NFS Overview for more information on this feature. More information on installing or uninstalling Roles or Role Services is available here.
How could an attacker exploit this vulnerability?
An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows machine, which could enable remote code execution.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2012 | ||
| Windows Server 2012 (Server Core installation) | ||
| Windows 8.1 for 32-bit systems | ||
| Windows 8.1 for x64-based systems | ||
| Windows Server 2012 R2 | ||
| Windows RT 8.1 | - | |
| Windows Server 2012 R2 (Server Core installation) | ||
| Windows 10 for 32-bit Systems | ||
| Windows 10 for x64-based Systems | ||
| Windows Server 2016 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
Windows Network File System Remote Code Execution Vulnerability
Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24491.
Уязвимость сетевой файловой системы Network File System (NFS) операционной системы Microsoft Windows, позволяющая нарушителю выполнить произвольный код
EPSS
9.8 Critical
CVSS3