Statements (22)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:affects |
gptkb:Microsoft_Windows
gptkb:Microsoft_Office |
| gptkbp:alsoKnownAs |
Follina
|
| gptkbp:citation |
https://www.cisa.gov/news-events/alerts/2022/06/01/microsoft-msdt-follina-vulnerability-cve-2022-30190
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190 https://nvd.nist.gov/vuln/detail/CVE-2022-30190 |
| gptkbp:describes |
A remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) when called from Microsoft Office.
|
| gptkbp:discoveredIn |
2022
|
| gptkbp:exploitStatus |
exploited in the wild
|
| gptkbp:hasCVSSScore |
7.8
|
| gptkbp:hasCWE |
gptkb:CWE-94
|
| gptkbp:impact |
arbitrary code execution
|
| gptkbp:patchedBy |
gptkb:Microsoft_security_update
|
| gptkbp:publicationDate |
2022-05-30
|
| gptkbp:requiresUserInteraction |
true
|
| gptkbp:vectorFor |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
malicious Office documents |
| gptkbp:vulnerableTo |
Remote Code Execution
|
| gptkbp:bfsParent |
gptkb:APT3
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2022-30190
|