Technical Severity
HIGH
CVSS v3.1 Metrics
8.8
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitation Likelihood
EPSS Prediction
93.88
%
Predictive Probability
Percentile Rank
99.9
th
Documented as more likely to be exploited than 99.9% of known CVEs.
Detection Date
Feb 10, 2022
Remediation Due
Aug 10, 2022
CISA Catalog Active
Threat Analysis
Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file
Remediation Directive
Apply updates per vendor instructions.