Microsoft Windows Network File System Remote Code Execution Vulnerability

Microsoft Windows Network File System Remote Code Execution Vulnerability

A critical* Windows Network File System (NFS) Remote Code Execution Vulnerability with a CVSS 3.1 score of 9.8 was released by Microsoft.

This vulnerability is only exploitable for systems that have the NFS role enabled. An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows machine, which could enable remote code execution. Even though no exploit regarding this vulnerability has been discovered yet, due to its severity/criticality, it is highly recommended that the recommended patches are downloaded to ensure the safety of systems/assets.

Affected Systems

• Windows Server 2012 R2 (Server Core installation)
• Windows Server 2012 R2
• Windows Server 2012 (Server Core installation)
• Windows Server 2012
• Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
• Windows Server 2008 R2 for x64-based Systems Service Pack 1
• Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2016 (Server Core installation)
• Windows Server 2016
• Windows Server, version 20H2 (Server Core Installation)
• Windows Server 2022 (Server Core installation)
• Windows Server 2022
• Windows Server 2019 (Server Core installation)
• Windows Server 2019

IoC’s

-

Recommended Solution(s)

Organizations using the above-mentioned products are recommended to download the patches specified/recommended in the link below (under the “download” column).

CVE / CWE

CVE-2022-26937

Related Website(s)

• https://nvd.nist.gov/vuln/detail/CVE-2022-26937
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26937

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.