Technical Severity
MEDIUMCVSS v3.1 Metrics
5.5
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:CExploitation Likelihood
EPSS Prediction
20.10
%
Predictive Probability
Percentile Rank
97.1
th
Documented as more likely to be exploited than 97.1% of known CVEs.
Detection Date
Mar 03, 2022
Remediation Due
Mar 17, 2022
CISA Catalog Active
Threat Analysis
Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.
Remediation Directive
Apply updates per vendor instructions.