CVE-2022-34701
Published: 09 August 2022
Summary
CVE-2022-34701 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Microsoft Windows 10. Its CVSS base score is 7.5 (High).
Operationally, ranked in the top 5.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Windows Secure Socket Tunneling Protocol (SSTP) in affected Windows versions is subject to a denial-of-service vulnerability tracked as CVE-2022-34701. The flaw is characterized by CWE-400 and carries a CVSS 3.1 score of 7.5, reflecting a remotely exploitable condition that requires no authentication or user interaction and produces a high impact on availability while leaving confidentiality and integrity unaffected.
An unauthenticated attacker with network access can send specially crafted requests to an SSTP server, triggering the denial-of-service condition and disrupting VPN connectivity for legitimate users. Because the attack vector is network-reachable and requires no privileges, the exposure applies to any internet-facing or internally reachable Windows system running the SSTP service.
Microsoft’s advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34701 supplies the official patch matrix and mitigation guidance, directing administrators to apply the security update corresponding to their Windows release. The EPSS score reached a peak of 0.1953 and currently stands at 0.1640, indicating measurable post-disclosure interest in the issue.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-37651
Vulnerability details
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Limiting concurrent sessions directly prevents uncontrolled resource consumption by capping the number of active sessions per user or account.
Analysis identifies uncontrolled resource consumption indicative of denial-of-service or abuse attempts.
Contingency plan testing includes resource exhaustion scenarios to verify recovery, making it harder for attackers to sustain exploits that cause uncontrolled consumption.
Updated contingency plans include current procedures to detect, contain, and recover from resource exhaustion, limiting an attacker's ability to sustain impact from uncontrolled consumption.
Alternate site allows resumption of operations if resource exhaustion at the primary site is exploited to cause unavailability.
Alternate telecommunications services enable resumption of essential functions when primary services become unavailable due to uncontrolled resource consumption.
The team can analyze and respond to resource exhaustion incidents, reducing the impact of attacks that exploit uncontrolled consumption weaknesses.
Timely maintenance support and spare parts enable rapid recovery from failures induced by uncontrolled resource consumption, shortening the impact window of denial-of-service attacks.