Microsoft Windows LDAP Remote Code Execution Vulnerabilities
Two critical* and eight high* Windows LDAP Remote Code Execution Vulnerabilities with CVSS 3.1 scores between 8.8 and 9.8 were released by Microsoft.
Even though no exploit regarding these vulnerabilities have been discovered yet, due to their severities/criticalities, it is highly recommended that the recommended patches are downloaded to ensure the safety of systems/assets.
Affected Systems
It is stated in the Microsoft links specified in the Recommended Solution(s) Section.
IoC’s
-
Recommended Solution(s)
Organizations using the above-mentioned products are recommended to download the patches specified/recommended in the links below (under the “download” column).
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-22012
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-29130
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-22013
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-22014
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-29128
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-29129
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-29131
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-29137
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-29139
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-29141
CVE / CWE
CVE-2022-22012, CVE-2022-29130 CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141
Related Website(s)
- https://nvd.nist.gov/vuln/detail/CVE-2022-22012
- https://nvd.nist.gov/vuln/detail/CVE-2022-29130
- https://nvd.nist.gov/vuln/detail/CVE-2022-22013
- https://nvd.nist.gov/vuln/detail/CVE-2022-22014
- https://nvd.nist.gov/vuln/detail/CVE-2022-29128
- https://nvd.nist.gov/vuln/detail/CVE-2022-29129
- https://nvd.nist.gov/vuln/detail/CVE-2022-29131
- https://nvd.nist.gov/vuln/detail/CVE-2022-29137
- https://nvd.nist.gov/vuln/detail/CVE-2022-29139
- https://nvd.nist.gov/vuln/detail/CVE-2022-29141
* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.
Current Security Vulnerability Reports
İSTANBUL
+90 216 504 53 32
Aydınevler Mahallesi,İsmet İnönü Cadddesi,Küçükyalı Ofis Park A Blok,No:20/1 Maltepe İstanbul
ANKARA
+90 312 235 44 51
VULNERABILITY NEWSLETTER
You can register to our newsletter on the home page to be instantly informed about security vulnerabilities.
© 2021 Barikat Cyber Security All rights reserved.