CVE-2022-44689

EUVD-2022-47623
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
7.8 HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_subsystem_for_linux
-
microsoftwindows_11
-
microsoftwindows_11
-
microsoftwindows_server_2019
-
microsoftwindows_server_2022
-
microsoftwindows_server_2022
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
1809 (arm64, x64, x86)
KB5021237
20H2 (arm64, x86)
KB5021233
21H1 (arm64, x64, x86)
KB5021233
21H2 (arm64, x64, x86)
KB5021233
22H2 (arm64, x64, x86)
KB5021233
Windows 11
21H2 (arm64, x64)
KB5021234
22H2 (arm64, x64)
KB5021255
Windows Server 2019
Server Core
KB5021237
Standard
KB5021237
Windows Server 2022
Server Core
KB5021249
Standard
KB5021249
Common Weakness Enumeration
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44689
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44689