CVE-2022-35804
Published: 09 August 2022
Summary
CVE-2022-35804 is a high-severity an unspecified weakness vulnerability in Microsoft Windows 11. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 6.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2022-35804 is an SMB Client and Server Remote Code Execution Vulnerability affecting the Server Message Block components in Windows. It carries a CVSS 3.1 base score of 8.8 with the vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating a remotely exploitable flaw that can result in full compromise of confidentiality, integrity, and availability.
An attacker can trigger the vulnerability over the network without authentication, provided the victim performs a required user interaction such as accessing a malicious share or file. Successful exploitation grants the attacker the ability to execute arbitrary code in the context of the affected SMB client or server process.
Microsoft publishes mitigation guidance and security updates for the issue through its Security Response Center update guide at the referenced advisory URL. The EPSS score has reached a peak of 0.1366 with a current value of 0.1131, reflecting moderate and relatively stable exploitation probability since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-38677
Vulnerability details
SMB Client and Server Remote Code Execution Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.