CVE-2022-30190

Description from NVD

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.

Information Acquisition Date:2022-06-30T16:40Z
CVSS 2.0: 9.3 HIGH CVSS 3.x: 7.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:M/Au:N/C:C/I:C/A:C

NVD References

 N/A
     source:N/A
     tags:Patch    Vendor Advisory    
 http://packetstormsecurity.com/files/167438/Microsoft-Office-Word-MSDTJS-Code-Execution.html
     source:MISC
     tags:

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Adobe(2 tweets) Android(1 tweets) Apache(1 tweets) Apple(3 tweets) Chrome(2 tweets) Cisco(1 tweets) Exchange(3 tweets) Firefox(2 tweets) Java(2 tweets) Linux(7 tweets) PHP(1 tweets) Windows(399 tweets) Wordpress(2 tweets) iOS(8 tweets)



List of frequently cited URLs

URLNum of Times Referred to
http://twinybots.ch54
https://cvetrends.com54
https://msrc.microsoft.com/update-guide/en-US/vulnerability...48
http://cyberiqs.com/latestnews39
https://lists.astaro.com/ASGV9-IPS-rules.html#027
https://medium.com23
https://piyolog.hatenadiary.jp/entry/2022/06/02/01011922
https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve...19
https://securelist.com/cve-2022-30190-follina-vulnerability...13
https://github.com/NafisiAslH/KnowledgeSharing/tree/main/Cy...11
https://www.youtube.com/watch?v=dGCOhORNKRk11
https://youtu.be/dGCOhORNKRk9
https://blog.0patch.com/2022/06/free-micropatches-for-folli...8
https://www.fortinet.com/blog/threat-research/analysis-of-f...8
https://www.nichepcgamer.com/archives/microsoft-office-remo...8
https://unit42.paloaltonetworks.com/cve-2022-30190-msdt-cod...8
https://doublepulsar.com/follina-a-microsoft-office-code-ex...7
https://www.huntress.com/blog/microsoft-office-remote-code-...7
https://www.anoopcnair.com/fix-msdt-vulnerability-using-scc...7
https://kas.pr/1rck6
https://buff.ly/3M5RGd46
https://www.sentinelone.com/blog/staying-ahead-of-cve-2022-...6
https://securityboulevard.com/2022/06/coverage-advisory-for...6
https://ift.tt/Wjha3VU5
https://cymulate.com/blog/cve-2022-30190-25
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2022-ALE-0055
https://blog.trendmicro.co.jp/archives/314125
https://www.socinvestigation.com/cve-2022-30190-detection-e...5
https://opsmtrs.com/2ZFbaTl4
https://www.cisa.gov/uscert/ncas/current-activity/2022/05/3...4
https://attackerkb.com/topics/Z0pUwH0BFV/cve-2022-301904
https://b.hatena.ne.jp/entry/s/piyolog.hatenadiary.jp/entry...4
https://blog.qualys.com/product-tech/2022/06/14/detect-the-...4
https://tweetedtimes.com/infowaropcenter?s=tnp4
https://www.netskope.com/blog/cve-2022-30190-new-zero-day-v...4
https://www.helpnetsecurity.com/2022/05/31/cve-2022-30190-f...4
https://www.bleepingcomputer.com/news/microsoft/microsoft-s...4
https://ipssignatures.appspot.com/?cve=CVE-2022-301904
https://businessinsights.bitdefender.com/technical-advisory...4
http://files3
https://bit.ly/3PZwhp53
https://htn.to/43TUUKnjiy3
https://vuldb.com/?ctiid.2009093
https://cert.gov.ua/article/405593
https://tcm-sec.com/follina-rce-exploitation-cve-2022-301903
https://twitter.com/StopMalvertisin/status/15314253305646817313
https://isc.sans.edu/forums/diary/New+Microsoft+Office+Atta...3
https://socprime.com/blog/cve-2022-30190-detection-updates-...3
https://call4cloud.nl/2022/06/cve-2022-30190-and-the-city-o...3
https://www.splunk.com/en_us/blog/security/rce-la-follina-c...3
https://www.tenable.com/blog/cve-2022-30190-zero-click-zero...3
https://paper.seebug.org/19143
https://blogs.juniper.net/en-us/threat-research/cve-2022-30...3
https://thehackernews.com/2022/06/state-backed-hackers-expl...3
https://www.it-connect.fr/microsoft-publie-une-solution-tem...3
https://ciberseguridad.blog/analizando-y-explotando-follina...3
https://www.theregister.com/2022/05/30/follina_microsoft_of...3
https://blog.malwarebytes.com/threat-intelligence/2022/06/r...3
https://danusminimus.github.io/2022/06/18/Understanding-OLE...3
https://scan.netsecurity.ne.jp/article/2022/06/08/47701.html3
https://www.paloaltonetworks.com/blog/security-operations/p...3

▼ Show Information from Twitter(2599)


List of frequently cited URLs

URLNum of Times Referred to
twinybots.ch54
cvetrends.com54
msrc.microsoft.com48
cyberiqs.com39
lists.astaro.com27
medium.com23
piyolog.hatenadiary.jp22
msrc-blog.microsoft.com19
securelist.com13
github.com11
www.youtube.com11
youtu.be9
blog.0patch.com8
www.fortinet.com8
www.nichepcgamer.com8
unit42.paloaltonetworks.com8
doublepulsar.com7
www.huntress.com7
www.anoopcnair.com7
kas.pr6
buff.ly6
www.sentinelone.com6
securityboulevard.com6
ift.tt5
cymulate.com5
www.cert.ssi.gouv.fr5
blog.trendmicro.co.jp5
www.socinvestigation.com5
opsmtrs.com4
www.cisa.gov4
attackerkb.com4
b.hatena.ne.jp4
blog.qualys.com4
tweetedtimes.com4
www.netskope.com4
www.helpnetsecurity.com4
www.bleepingcomputer.com4
ipssignatures.appspot.com4
businessinsights.bitdefender.com4
files3
bit.ly3
htn.to3
vuldb.com3
cert.gov.ua3
tcm-sec.com3
twitter.com3
isc.sans.edu3
socprime.com3
call4cloud.nl3
www.splunk.com3
www.tenable.com3
paper.seebug.org3
blogs.juniper.net3
thehackernews.com3
www.it-connect.fr3
ciberseguridad.blog3
www.theregister.com3
blog.malwarebytes.com3
danusminimus.github.io3
scan.netsecurity.ne.jp3
www.paloaltonetworks.com3

▼ Show Information from Twitter(2599)