CVE-2022-21963
Published: 11 January 2022
Summary
CVE-2022-21963 is a medium-severity vulnerability of unspecified weakness type in Microsoft Windows 10. Its CVSS base score is 6.4 (Medium).
Operationally, it ranks in the top 20.8% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
Deeper analysis
Windows Resilient File System (ReFS) contains a remote code execution vulnerability tracked as CVE-2022-21963. The flaw affects the ReFS component in supported Windows versions and carries a CVSS 3.1 score of 6.4, with a vector indicating that exploitation requires physical access and high attack complexity but no privileges and no user interaction.
An attacker with physical access to a system can leverage the vulnerability to execute arbitrary code. Successful exploitation grants full control over confidentiality, integrity, and availability on the affected host, though the high complexity and physical-access requirement limit the practical attack surface.
Microsoft security advisories for CVE-2022-21963 are published at the referenced MSRC update guide and portal URLs, directing administrators to available patches and configuration guidance.
The EPSS score for this CVE rose from a low baseline to a peak of 0.0699 on 2025-01-22 before receding to the current value of 0.0119, indicating that exploitation interest increased well after the original 2022 disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-27118
Vulnerability details
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.