CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
CVE-2022-21984 | Windows DNS Server Remote Code Execution Vulnerability | Windows 11 | Important | 15-02-2022 |
Technical Information
Brief overview of the risk:
This is a SYSTEM-level code execution vulnerability in Microsoft’s DNS server. This vulnerability is network-based, meaning that if the vulnerability is successfully exploited the attacker can then gain control over the Active Directory server, if DNS and AD are configured in the same server. This would give the attacker control over the entire network.
Further information on this vulnerability is available at : CVE-2022-21984
Affected Software
Windows 10 Version 1909 for 32-bit Systems,Windows 10 Version 1909 for x64-based Systems,
Windows 10 Version 1909 for ARM64-based Systems,
Windows 10 Version 21H1 for x64-based Systems,
Windows 10 Version 21H1 for ARM64-based Systems,
Windows 10 Version 21H1 for 32-bit Systems,
Windows Server 2022,
Windows Server 2022 (Server Core installation),
Windows Server 2022 Azure Edition Core Hotpatch,
Windows 10 Version 20H2 for x64-based Systems,
Windows 10 Version 20H2 for 32-bit Systems,
Windows 10 Version 20H2 for ARM64-based Systems,
Windows Server, version 20H2 (Server Core Installation),
Windows 11 for x64-based Systems,
Windows 11 for ARM64-based Systems,
Windows 10 Version 21H2 for 32-bit Systems,
Windows 10 Version 21H2 for ARM64-based Systems,
Windows 10 Version 21H2 for x64-based Systems