CVE-2022-30190

GPTKB entity

Statements (22)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:affects gptkb:Microsoft_Windows
gptkb:Microsoft_Office
gptkbp:alsoKnownAs Follina
gptkbp:citation https://www.cisa.gov/news-events/alerts/2022/06/01/microsoft-msdt-follina-vulnerability-cve-2022-30190
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190
https://nvd.nist.gov/vuln/detail/CVE-2022-30190
gptkbp:describes A remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) when called from Microsoft Office.
gptkbp:discoveredIn 2022
gptkbp:exploitStatus exploited in the wild
gptkbp:hasCVSSScore 7.8
gptkbp:hasCWE gptkb:CWE-94
https://www.w3.org/2000/01/rdf-schema#label CVE-2022-30190
gptkbp:impact arbitrary code execution
gptkbp:patchedBy Microsoft security update
gptkbp:publicationDate 2022-05-30
gptkbp:requiresUserInteraction true
gptkbp:vectorFor CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
malicious Office documents
gptkbp:vulnerableTo Remote Code Execution
gptkbp:bfsParent gptkb:APT3
gptkbp:bfsLayer 7