This month we got patches for 79 vulnerabilities. Of these, 5 are critical, 2 were previously disclosed, and 1 is already being exploited, according to Microsoft.
The exploited vulnerability is an elevation of privilege in Windows Common Log File System Driver (CVE-2022-37969). According to the exploit, an attacker who successfully exploited this vulnerability could gain SYSTEM privileges. The attack vector is local, and requires no user interaction. The CVSS for this vulnerability is 7.8.
Amongst critical vulnerabilities, there is a Remote Code Execution (RCE) affecting Windows Internet Key Exchange (IKE) Protocol Extensions (CVE-2022-34721). An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation. Although this vulnerability affects just IKEv1, all Windows Servers versions are affected as V1, and V2 packets are accepted. The attack vector is ‘network’, no user interaction and privileges are required, and the attack complexity is low. This vulnerability brings together the characteristics of a wormable vulnerability that you should give attention to and apply the patch as soon as possible. The CVSS for this vulnerability is 9.80.
Another critical vulnerability is an RCE affecting Windows TCP/IP (CVE-2022-34718). An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine. Only systems with the IPSec service running are vulnerable to this attack. As the previous one, this vulnerability brings together the characteristics of a wormable vulnerability. The CVSS for this vulnerability is 9.80 as well.
See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/
September 2022 Security Updates
| Description | |||||||
|---|---|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| .NET Core and Visual Studio Denial of Service Vulnerability | |||||||
| %%cve:2022-38013%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| .NET Framework Remote Code Execution Vulnerability | |||||||
| %%cve:2022-26929%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| AV1 Video Extension Remote Code Execution Vulnerability | |||||||
| %%cve:2022-38019%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability | |||||||
| %%cve:2022-23960%% | Yes | No | Less Likely | Less Likely | Important | ||
| Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-38007%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Chromium: CVE-2022-3038 Use after free in Network Service | |||||||
| %%cve:2022-3038%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3039 Use after free in WebSQL | |||||||
| %%cve:2022-3039%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3040 Use after free in Layout | |||||||
| %%cve:2022-3040%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3041 Use after free in WebSQL | |||||||
| %%cve:2022-3041%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3044 Inappropriate implementation in Site Isolation | |||||||
| %%cve:2022-3044%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3045 Insufficient validation of untrusted input in V8 | |||||||
| %%cve:2022-3045%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3046 Use after free in Browser Tag | |||||||
| %%cve:2022-3046%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3047 Insufficient policy enforcement in Extensions API | |||||||
| %%cve:2022-3047%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3053 Inappropriate implementation in Pointer Lock | |||||||
| %%cve:2022-3053%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3054 Insufficient policy enforcement in DevTools | |||||||
| %%cve:2022-3054%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3055 Use after free in Passwords | |||||||
| %%cve:2022-3055%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3056 Insufficient policy enforcement in Content Security Policy | |||||||
| %%cve:2022-3056%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3057 Inappropriate implementation in iframe Sandbox | |||||||
| %%cve:2022-3057%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3058 Use after free in Sign-In Flow | |||||||
| %%cve:2022-3058%% | No | No | – | – | – | ||
| Chromium: CVE-2022-3075 Insufficient data validation in Mojo | |||||||
| %%cve:2022-3075%% | No | No | – | – | – | ||
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-37954%% | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| HTTP V3 Denial of Service Vulnerability | |||||||
| %%cve:2022-35838%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-35828%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | |||||||
| %%cve:2022-35805%% | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
| %%cve:2022-34700%% | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||||
| %%cve:2022-38012%% | No | No | Less Likely | Less Likely | Low | 7.7 | 6.7 |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||||
| %%cve:2022-34726%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-34727%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-34730%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-34732%% | No | No | Unlikely | Unlikely | Important | 8.8 | 7.7 |
| %%cve:2022-34734%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | |||||||
| %%cve:2022-35834%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-35835%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-35836%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-35840%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-34731%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-34733%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| Microsoft Office Visio Remote Code Execution Vulnerability | |||||||
| %%cve:2022-38010%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| %%cve:2022-37963%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft PowerPoint Remote Code Execution Vulnerability | |||||||
| %%cve:2022-37962%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||||
| %%cve:2022-35823%% | No | No | Unlikely | Unlikely | Important | 8.1 | 7.1 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
| %%cve:2022-38008%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-38009%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| %%cve:2022-37961%% | No | No | Unlikely | Unlikely | Important | 8.8 | 7.7 |
| Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability | |||||||
| %%cve:2022-37959%% | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Raw Image Extension Remote Code Execution Vulnerability | |||||||
| %%cve:2022-38011%% | No | No | Less Likely | Less Likely | Important | 7.3 | 6.4 |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||||
| %%cve:2022-35830%% | No | No | Less Likely | Less Likely | Important | 8.1 | 7.1 |
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability | |||||||
| %%cve:2022-37958%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Visual Studio Code Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-38020%% | No | No | Less Likely | Less Likely | Important | 7.3 | 6.4 |
| Windows ALPC Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-34725%% | No | No | More Likely | More Likely | Important | 7.0 | 6.1 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-35803%% | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| %%cve:2022-37969%% | Yes | Yes | Detected | Detected | Important | 7.8 | 6.8 |
| Windows Credential Roaming Service Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-30170%% | No | No | Less Likely | Less Likely | Important | 7.3 | 6.4 |
| Windows DNS Server Denial of Service Vulnerability | |||||||
| %%cve:2022-34724%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability | |||||||
| %%cve:2022-34723%% | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Distributed File System (DFS) Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-34719%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Enterprise App Management Service Remote Code Execution Vulnerability | |||||||
| %%cve:2022-35841%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| Windows Event Tracing Denial of Service Vulnerability | |||||||
| %%cve:2022-35832%% | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Fax Service Remote Code Execution Vulnerability | |||||||
| %%cve:2022-38004%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows GDI Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-34729%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Graphics Component Information Disclosure Vulnerability | |||||||
| %%cve:2022-35837%% | No | No | Less Likely | Less Likely | Important | 5.0 | 4.4 |
| %%cve:2022-34728%% | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| %%cve:2022-38006%% | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Windows Group Policy Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-37955%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | |||||||
| %%cve:2022-34720%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | |||||||
| %%cve:2022-34721%% | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.5 |
| %%cve:2022-34722%% | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.5 |
| Windows Kerberos Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-33679%% | No | No | Less Likely | Less Likely | Important | 8.1 | 7.3 |
| %%cve:2022-33647%% | No | No | Less Likely | Less Likely | Important | 8.1 | 7.1 |
| Windows Kernel Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-37964%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| %%cve:2022-37956%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| %%cve:2022-37957%% | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||||
| %%cve:2022-30200%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Photo Import API Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-26928%% | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||||
| %%cve:2022-38005%% | No | No | Unlikely | Unlikely | Important | 7.8 | 6.8 |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||||
| %%cve:2022-35831%% | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Secure Channel Denial of Service Vulnerability | |||||||
| %%cve:2022-30196%% | No | No | Less Likely | Less Likely | Important | 8.2 | 7.1 |
| %%cve:2022-35833%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||||
| %%cve:2022-34718%% | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
—
Renato Marinho
Morphus Labs| LinkedIn|Twitter
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
