← back
CVE-2022-21882

Win32k Elevation of Privilege Vulnerability

CVSS 7 HIGHEPSS 55.7%● KEVCWE-787
Vexday Risk Score
98Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 7EPSS 55.7%KEV simPoC públicaNuclei Metasploit simPatch referenciado
Lifecycle
09 Feb 2021Metasploit module available
11 Jan 2022Published on NVD
27 Jan 2022Public PoC
04 Feb 2022Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

A flaw in Windows' display driver interface allows an attacker with local access to run malicious code with system-level privileges. This is dangerous because it can give attackers complete control over your computer.

Technical detail

CWE-787 (Out-of-bounds Write) in Win32k.sys allows local authenticated users to perform privilege escalation through improper memory handling in the graphics subsystem. Exploitation requires local code execution and results in SYSTEM-level access.

Summary generated and translated by AI from the official description.
Win32k Elevation of Privilege Vulnerability
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
Microsoft · Windows 10 Version 1809Microsoft · Windows 10 Version 1909Microsoft · Windows 10 Version 20H2Microsoft · Windows 10 Version 21H1Microsoft · Windows 10 Version 21H2Microsoft · Windows 11 version 21H2Microsoft · Windows Server 2019Microsoft · Windows Server 2019 (Server Core installation)Microsoft · Windows Server 2022Microsoft · Windows Server version 20H2
public PoCs found6
githubgithub.com/KaLendsi/CVE-2022-21882462githubgithub.com/L4ys/CVE-2022-21882196githubgithub.com/sailay1996/cve-2022-21882-poc49githubgithub.com/David-Honisch/CVE-2022-218828githubgithub.com/r1l4-i3pur1l4/CVE-2022-218826cve_referencepacketstormsecurity.com/files/166169/Win32k-ConsoleControl-Offset-Confusion-Privilege-Escalation.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/166169/Win32k-ConsoleControl-Offset-Confusion-Privilege-Escalation.htmlhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21882https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21882https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-21882