FAQ
How could an attacker exploit this vulnerability? The authenticated attacker could take advantage of this vulnerability to execute malicious code through the RPC runtime.
MSRC compact vulnerability detail
CVE-2022-21922 · Remote Procedure Call Runtime Remote Code Execution Vulnerability
No description was published by MSRC.
Signals
Windows Remote Procedure Call Runtime
Remote Code Execution
Exploited: No
Publicly disclosed: No
Exploitability: Exploitation Less Likely
CWE
No CWE data published.
Patch Diff
Loading module diff metadata...
Resolved binary override
Use this when the MSRC module name cannot be mapped automatically or the resolved binary looks wrong.
Description
No description was published by MSRC.
FAQ / Articles
FAQ
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges.
FAQ
What is RPC runtime? See Remote procedure call (RPC) for more information on RPC and RPC Runtime.