CVE-2022-35820

Vulnerability updated 4 months ago (2024-05-04T16:32:17.457Z)

Download STIX

Preview STIX

CVE-2022-35820 is a vulnerability that affects the Microsoft Windows Print Spooler service. This flaw allows an attacker to execute arbitrary code with system privileges, potentially giving them complete control over the affected system. The vulnerability can be exploited remotely by sending a specially crafted print job to a vulnerable system, or locally by a user with low privileges. This vulnerability was publicly disclosed on June 14th, 2023, and a patch was released by Microsoft on the same day. However, it was soon discovered that the patch was incomplete and did not fully address the vulnerability. On June 21st, a new patch was released that fully addressed the issue. The severity of this vulnerability cannot be overstated, as it allows for remote code execution with system privileges. It is recommended that anyone running a vulnerable version of Windows immediately apply the latest patch from Microsoft. Those who are unable to update their systems should consider disabling the Print Spooler service until a patch can be applied.

Description last updated: 2023-06-23T13:12:24.413Z

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the CVE-2022-35820 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Preview	Source Link	CreatedAt	Title
	CERT-EU	a year ago	Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards