Home / Vulnerabilities / CVE-2022-22047
HIGH SEVERITY
CVE-2022-22047Microsoft · Windows

Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability

Technical Severity

CVSS v3.1 Metrics

HIGH
7.8 / 10
Minimal Risk Critical
Vector Specification
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Exploitation Likelihood

EPSS Prediction

1.31 %
Predictive Probability
Percentile Rank
79.8 th

Documented as more likely to be exploited than 79.8% of known CVEs.

Detection Date

Jul 12, 2022

Remediation Due

Aug 02, 2022

CISA Catalog Active

Threat Analysis

Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.

Remediation Directive

Apply updates per vendor instructions.

External Intelligence

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047

NVD

National Vulnerability Database

https://nvd.nist.gov/vuln/detail/CVE-2022-22047