CVE-2022-23270

CVE Database · CVE-2022-23270

· HIGHModified

CVSS v3.1

8.1

EPSS

73.10%

Published

May 10, 2022

Modified

Jan 2, 2025

Public PoC / Exploit (1)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products (34)

microsoft · windows_10vulnerable

References (2)

PatchVendor Advisory

microsoft · windows_10

microsoft · windows_10vulnerable

microsoft · windows_11vulnerable

microsoft · windows_7vulnerable

microsoft · windows_8.1vulnerable

microsoft · windows_servervulnerable

microsoft · windows_server_2008vulnerable

microsoft · windows_server_2012vulnerable

microsoft · windows_server_2016vulnerable

microsoft · windows_server_2019vulnerable