The US Cybersecurity and Infrastructure Security Agency (CISA) has directed federal entities to protect their systems from a widely exploited Windows security flaw that could be used to gain elevated privileges on affected hosts.
To that end, the agency has added CVE-2022-21882 (CVSS score: 7.0) to its Known Exploited Vulnerabilities (KEV) Catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to patch all systems against this vulnerability by February 18, 2022.
In a recent report, CISA stated, “These types of vulnerabilities are a common attack vector for malicious cyber actors of all types and represent significant danger to the federal organisation.”
CVE-2022-21882, which Microsoft has tagged with an “Exploitation More Likely” exploitability index assessment, is an elevation-of-privilege vulnerability in the Win32k component. Microsoft addressed the bug as part of its January 2022 Patch Tuesday updates.
“A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver,” the Windows maker said. The flaw affects Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022.
Finally, the researchers noted that the security issue is also a bypass for another elevation-of-privilege flaw in the same module (CVE-2021-1732, CVSS score: 7.8), which Microsoft fixed in February 2021 and which has since been observed in exploits in the wild.