CVE-2022-29105
Published: 10 May 2022
Summary
CVE-2022-29105 is a high-severity vulnerability in Microsoft Windows 10 with an unspecified weakness type. Its CVSS base score is 7.8 (High).
Operationally, it is ranked in the top 13.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2022-29105 is a remote code execution vulnerability in Microsoft Windows Media Foundation, a core multimedia framework used by Windows for processing audio and video content. The flaw carries a CVSS 3.1 score of 7.8 and requires an attacker to supply a malicious media file that the victim opens locally.
An unauthenticated local attacker can exploit the issue without any privileges by convincing a user to open a crafted file, after which arbitrary code executes in the context of the current user. Successful exploitation grants full control over confidentiality, integrity, and availability on the affected system.
Microsoft’s security advisory at msrc.microsoft.com directs administrators to apply the updates released in the May 2022 Patch Tuesday cycle, which address the underlying memory corruption condition in Windows Media Foundation.
EPSS for this CVE rose from low values at disclosure to a peak of 0.0804 on 2025-01-22 before receding to the current 0.0282, indicating a later surge in exploitation interest that warrants renewed attention.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-33516
Vulnerability details
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.