CVE-2022-30190

Description from NVD

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.

Information Acquisition Date:2022-07-15T14:54Z
CVSS 2.0: 9.3 HIGH CVSS 3.x: 7.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:M/Au:N/C:C/I:C/A:C

NVD References

 N/A
     source:N/A
     tags:Patch    Vendor Advisory    
 http://packetstormsecurity.com/files/167438/Microsoft-Office-Word-MSDTJS-Code-Execution.html
     source:MISC
     tags:

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: VMware(2 tweets) Windows(2 tweets)

List of frequently cited URLs

URLNum of Times Referred to
https://cvetrends.com51
https://lists.astaro.com/ASGV9-IPS-rules.html#033
https://medium.com29
http://twinybots.ch21
http://cyberiqs.com/latestnews11
https://github.com/NafisiAslH/KnowledgeSharing/tree/main/Cy...8
https://www.nichepcgamer.com/archives/microsoft-office-remo...8
https://www.sentinelone.com/blog/staying-ahead-of-cve-2022-...6
https://ift.tt/Wjha3VU5
https://cymulate.com/blog/cve-2022-30190-25
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2022-ALE-0055
https://www.socinvestigation.com/cve-2022-30190-detection-e...5
https://kas.pr/1rck4
https://opsmtrs.com/2ZFbaTl4
https://www.cisa.gov/uscert/ncas/current-activity/2022/05/3...4
https://call4cloud.nl/2022/06/cve-2022-30190-and-the-city-o...4
https://attackerkb.com/topics/Z0pUwH0BFV/cve-2022-301904
https://b.hatena.ne.jp/entry/s/piyolog.hatenadiary.jp/entry...4
https://blog.qualys.com/product-tech/2022/06/14/detect-the-...4
https://tweetedtimes.com/infowaropcenter?s=tnp4
https://www.fortinet.com/blog/threat-research/analysis-of-f...4
https://www.netskope.com/blog/cve-2022-30190-new-zero-day-v...4
https://blog.virustotal.com/2022/08/hunting-follina.html4
https://blog.trendmicro.co.jp/archives/314124
https://securityboulevard.com/2022/06/coverage-advisory-for...4
https://piyolog.hatenadiary.jp/entry/2022/06/02/0101194
https://scan.netsecurity.ne.jp/article/2022/06/08/47701.html4
https://www.helpnetsecurity.com/2022/05/31/cve-2022-30190-f...4
https://www.bleepingcomputer.com/news/microsoft/microsoft-s...4
https://unit42.paloaltonetworks.com/cve-2022-30190-msdt-cod...4
https://businessinsights.bitdefender.com/technical-advisory...4
http://files3
https://bit.ly/3PZwhp53
https://htn.to/43TUUKnjiy3
https://buff.ly/3M5RGd43
https://youtu.be/dGCOhORNKRk3
https://vuldb.com/?ctiid.2009093
https://cert.gov.ua/article/405593
https://tcm-sec.com/follina-rce-exploitation-cve-2022-301903
https://twitter.com/StopMalvertisin/status/15314253305646817313
https://isc.sans.edu/forums/diary/New+Microsoft+Office+Atta...3
https://socprime.com/blog/cve-2022-30190-detection-updates-...3
https://tryhackme.com/room/follinamsdt3
https://securelist.com/cve-2022-30190-follina-vulnerability...3
https://www.splunk.com/en_us/blog/security/rce-la-follina-c...3
https://blog.0patch.com/2022/06/free-micropatches-for-folli...3
https://www.tenable.com/blog/cve-2022-30190-zero-click-zero...3
https://www.youtube.com/watch?v=dGCOhORNKRk3
https://doublepulsar.com/follina-a-microsoft-office-code-ex...3
https://paper.seebug.org/19143
https://www.huntress.com/blog/microsoft-office-remote-code-...3
https://blogs.juniper.net/en-us/threat-research/cve-2022-30...3
https://thehackernews.com/2022/06/state-backed-hackers-expl...3
https://www.it-connect.fr/microsoft-publie-une-solution-tem...3
https://msrc.microsoft.com/update-guide/en-US/vulnerability...3
https://www.anoopcnair.com/fix-msdt-vulnerability-using-scc...3
https://ciberseguridad.blog/analizando-y-explotando-follina...3
https://www.theregister.com/2022/05/30/follina_microsoft_of...3
https://blog.malwarebytes.com/threat-intelligence/2022/06/r...3
https://danusminimus.github.io/2022/06/18/Understanding-OLE...3
https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve...3
https://www.paloaltonetworks.com/blog/security-operations/p...3
https://ipssignatures.appspot.com/?cve=CVE-2022-301903

Information from Twitter

User URL Info Source Date
DragonJAR https://twitter.com/DragonJAR/status/1633489790594154496/vi... Source DragonJAR        1633489790594154496 2023/03/09
MariaRusanova88 https://twitter.com/DragonJAR/status/1633489790594154496 Source MariaRusanova88 1633851545707220994 2023/03/10
dark_relay2 https://www.darkrelay.com/post/vulnerability-and-exploit-an... Source dark_relay2      1640405816657448960 2023/03/28
__kokumoto https://www.securityweek.com/most-weaponized-vulnerabilitie... Source __kokumoto       1641088615957815296 2023/03/29
housu_jp https://msrc.microsoft.com/blog/2022/05/guidance-for-cve-20... Source housu_jp         1641388225964179456 2023/03/30
0xP0ch1ta https://l4dybug.medium.com/reproduction-of-cve-2022-30190-z... Source 0xP0ch1ta        1644545720358436866 2023/04/08
netsecu https://www.seqrite.com/blog/cve-2022-30190-zero-day-vulner... Source netsecu          1646665012436516872 2023/04/14

List of frequently cited URLs

URLNum of Times Referred to
cvetrends.com51
lists.astaro.com33
medium.com29
twinybots.ch21
cyberiqs.com11
github.com8
www.nichepcgamer.com8
www.sentinelone.com6
ift.tt5
cymulate.com5
www.cert.ssi.gouv.fr5
www.socinvestigation.com5
kas.pr4
opsmtrs.com4
www.cisa.gov4
call4cloud.nl4
attackerkb.com4
b.hatena.ne.jp4
blog.qualys.com4
tweetedtimes.com4
www.fortinet.com4
www.netskope.com4
blog.virustotal.com4
blog.trendmicro.co.jp4
securityboulevard.com4
piyolog.hatenadiary.jp4
scan.netsecurity.ne.jp4
www.helpnetsecurity.com4
www.bleepingcomputer.com4
unit42.paloaltonetworks.com4
businessinsights.bitdefender.com4
files3
bit.ly3
htn.to3
buff.ly3
youtu.be3
vuldb.com3
cert.gov.ua3
tcm-sec.com3
twitter.com3
isc.sans.edu3
socprime.com3
tryhackme.com3
securelist.com3
www.splunk.com3
blog.0patch.com3
www.tenable.com3
www.youtube.com3
doublepulsar.com3
paper.seebug.org3
www.huntress.com3
blogs.juniper.net3
thehackernews.com3
www.it-connect.fr3
msrc.microsoft.com3
www.anoopcnair.com3
ciberseguridad.blog3
www.theregister.com3
blog.malwarebytes.com3
danusminimus.github.io3
msrc-blog.microsoft.com3
www.paloaltonetworks.com3
ipssignatures.appspot.com3

Information from Twitter

User URL Info Source
DragonJAR twitter.com Show Tweet
MariaRusanova88 twitter.com Show Tweet
dark_relay2 darkrelay.com Show Tweet
__kokumoto securityweek.com Show Tweet
housu_jp msrc.microsoft.com Show Tweet
0xP0ch1ta l4dybug.medium.com Show Tweet
netsecu seqrite.com Show Tweet
GitHub Search Results: Up to 10
NameURL
JMousqueton/PoC-CVE-2022-30190 https://github.com/JMousqueton/PoC-CVE-2022-30190
onecloudemoji/CVE-2022-30190 https://github.com/onecloudemoji/CVE-2022-30190
komomon/CVE-2022-30190-follina-Office-MSDT-Fixed https://github.com/komomon/CVE-2022-30190-follina-Office-MSDT-Fixed
bytecaps/CVE-2022-30190 https://github.com/bytecaps/CVE-2022-30190
archanchoudhury/MSDT_CVE-2022-30190 https://github.com/archanchoudhury/MSDT_CVE-2022-30190
PaddlingCode/cve-2022-30190 https://github.com/PaddlingCode/cve-2022-30190
drgreenthumb93/CVE-2022-30190-follina https://github.com/drgreenthumb93/CVE-2022-30190-follina
DerZiad/CVE-2022-30190 https://github.com/DerZiad/CVE-2022-30190
ErrorNoInternet/FollinaScanner https://github.com/ErrorNoInternet/FollinaScanner
sudoaza/CVE-2022-30190 https://github.com/sudoaza/CVE-2022-30190
GitHub Search Results: Up to 10
NameURL
JMousqueton/PoC-CVE-2022-30190 github.com
onecloudemoji/CVE-2022-30190 github.com
komomon/CVE-2022-30190-follina-Office-MSDT-Fixed github.com
bytecaps/CVE-2022-30190 github.com
archanchoudhury/MSDT_CVE-2022-30190 github.com
PaddlingCode/cve-2022-30190 github.com
drgreenthumb93/CVE-2022-30190-follina github.com
DerZiad/CVE-2022-30190 github.com
ErrorNoInternet/FollinaScanner github.com
sudoaza/CVE-2022-30190 github.com
2023/04/14 Score : 0
Added Har-sia Database : 2022/05/31
Last Modified : 2023/04/14
Highest Scored Date : 2022/06/01
Highest Score : 460