CVE-2022-34713
Published: 09 August 2022
Summary
CVE-2022-34713 is a high-severity vulnerability in Microsoft Windows 7 with an unspecified weakness type (no CWE assigned). Its CVSS base score is 7.8 (High).
Operationally, it ranks in the top 10.7% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SI-2 (Flaw Remediation).
Deeper analysis
The vulnerability CVE-2022-34713 is a remote code execution flaw affecting the Microsoft Windows Support Diagnostic Tool (MSDT). It is rated 7.8 under CVSS 3.1 with the vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (local attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, high impact on confidentiality, integrity and availability) and is tracked without an assigned CWE.
An unauthenticated local attacker can exploit the issue by convincing a user to perform an action that triggers MSDT, resulting in arbitrary code execution with impacts to confidentiality, integrity, and availability.
Microsoft has issued remediation guidance via its Security Response Center update guide, and CISA includes the CVE in its catalog of known exploited vulnerabilities.
The associated EPSS score rose from a low baseline to a peak of 0.9725 on 2023-06-19 before receding to the current value of 0.0447, a clear post-disclosure spike in exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-37663
Vulnerability details
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
- CWE(s): none assigned
- KEV Date Added: 09 August 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): applying the vendor security updates that remediate the MSDT RCE flaw removes the vulnerable code before exploitation can succeed.
- CM-7 (Least Functionality): disabling or removing the Support Diagnostic Tool where it is not needed ensures the vulnerable code path cannot be reached.
- SI-3 (Malicious Code Protection): malicious-code protection mechanisms can block or alert on the specially crafted files used to trigger the MSDT exploit.