CVE-2022-21914 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2022-21914 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

A connection manager in the Windows Remote Access feature on Windows 7 and Windows 2008 R2 allows remote attackers to eleviate privileges due to the lack of adequate validation of user credentials. A remote attacker can exploit this vulnerability to execute arbitrary code as a standard user.
In addition, this connection manager could be exploited to corrupt memory and execute arbitrary code as an administrator.

An attacker can exploit this vulnerability by sending a maliciously crafted packet to a targeted client.

An attacker can exploit this vulnerability by sending a maliciously crafted packet to a targeted client.

Microsoft received information about this vulnerability from the community. As a result, they released a security update.

Microsoft received information about this vulnerability from the community. As a result, they released a security update.

Microsoft received information about this vulnerability from the community. As a result, they released a security update.

Microsoft received information about this vulnerability from the community. As a result, they released a security update.
Due to the critical severity of the vulnerability, Microsoft assigned it the CVE ID of CVE-2001-2216.

An attacker can exploit this vulnerability by sending a maliciously crafted packet to a targeted client.

An attacker can exploit this vulnerability by sending a maliciously crafted packet to a targeted client.

Microsoft Edge and Internet Explorer

Microsoft Edge is a web browsing application that Microsoft has developed for Windows 10. It was released on October 26, 2015.

Microsoft Edge is a web browsing application that Microsoft has developed for Windows 10. It was released on October 26, 2015.

Microsoft Edge is a web browsing application that Microsoft has developed for Windows 10. It was released on October 26, 2015.

Daesh - An Example of Connectivity Vulnerability

A connection manager in the Windows Remote Access feature on Windows 7 and Windows 2008 R2 allows remote attackers to eleviate privileges due to the lack of adequate validation of user credentials. A remote attacker can exploit this vulnerability to execute arbitrary code as a standard user.
In addition, this connection manager could be exploited to corrupt memory and execute arbitrary code as an administrator.

An attacker can exploit this vulnerability by sending a maliciously crafted packet to a targeted client.

Microsoft released security updates for this vulnerability

Microsoft released security updates for this vulnerability. As a result, they released a security update.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe