- Description
- Windows User Profile Service Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Modified
CVSS 3.1
- Type
- Secondary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Data from CISA
- Vulnerability name
- Microsoft Windows User Profile Service Privilege Escalation Vulnerability
- Exploit added on
- Apr 25, 2022
- Exploit action due
- May 16, 2022
- Required action
- Apply updates per vendor instructions.
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "BCF9D462-E6B6-45D3-8E9F-788F2E646817",
"versionEndExcluding": "10.0.10240.19177"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "9B6CEFAB-4D29-4427-8294-203A4A98F1AE",
"versionEndExcluding": "10.0.10240.19177"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "010F22B5-38B1-4176-B7E8-BB8875B9787C",
"versionEndExcluding": "10.0.14393.4886"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "4D852EB5-2456-429B-B1D8-DD57710DFE49",
"versionEndExcluding": "10.0.14393.4886"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "79A35DBE-C34D-464D-B037-AADB63B221AA",
"versionEndExcluding": "10.0.17763.2452"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "54A85F24-AB36-4A04-B420-F19D1A9DE26C",
"versionEndExcluding": "10.0.17763.2452"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2358BDB5-DB2B-4A60-A9F2-06F2CB0628EB",
"versionEndExcluding": "10.0.18363.2037"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE8DAF46-1702-46D1-AAF3-CEFA567953D1",
"versionEndExcluding": "10.0.19042.1466"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D4CB80E-5C0A-430C-9F56-9295EBBFD9C4",
"versionEndExcluding": "10.0.19043.1466"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38105E41-F04D-444B-A9F7-51E94726E1E2",
"versionEndExcluding": "10.0.19044.1466"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7048A3C3-6FB5-46FA-A709-4A51362E84B2",
"versionEndExcluding": "10.0.22000.434"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "384BE788-0F86-417D-BB7A-3082BA4063A7",
"versionEndExcluding": "10.0.14393.4886"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B6FDB29-C2F4-44FB-8703-962E4FC7E842",
"versionEndExcluding": "10.0.17763.2452"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E428440E-270F-40D6-872E-C5EA389860DB",
"versionEndExcluding": "10.0.20348.469"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0EE46D4-66CC-4A17-9847-DCFB4B15D40E",
"versionEndExcluding": "10.0.19042.1466"
}
],
"operator": "OR"
}
]
}
]