CVE-2022-38022

LOW
Published Oct 11, 20223y ago · Modified Jun 17, 20262w ago
3.3 CVSS 3.1
Low
Find Similar
Published Oct 11, 2022 3y ago
Last Modified Jun 17, 2026 2w ago

Description

Windows Kernel Elevation of Privilege Vulnerability

CVSS Details

Base Score
3.3
Exploitability
1.8
Impact
1.4
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Low
Availability None

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 20

VendorProductVersionRange
microsoftwindows_10*any
microsoftwindows_1020h2any
microsoftwindows_1021h1any
microsoftwindows_1021h2any
microsoftwindows_101607any
microsoftwindows_101809any
microsoftwindows_11*any
microsoftwindows_11*any
microsoftwindows_1122h2any
microsoftwindows_1122h2any
microsoftwindows_7*any
microsoftwindows_8.1*any
microsoftwindows_rt_8.1*any
microsoftwindows_server_2008*any
microsoftwindows_server_2008r2any
microsoftwindows_server_2012*any
microsoftwindows_server_2012r2any
microsoftwindows_server_2016*any
microsoftwindows_server_2019*any
microsoftwindows_server_2022*any

References 2

  • msrc.microsoft.com https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38022
  • portal.msrc.microsoft.com https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38022
    PatchVendor Advisory

Remediation

  • portal.msrc.microsoft.com https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38022
    PatchVendor Advisory