all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Known Active Exploitation of Windows CSRSS Elevation of Privilege Vulnerability (CVE-2022-22047)

Add to bookmarks
July 13, 2022, 11:01 p.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware of a newly reported and actively exploited zero day targeting Microsoft Windows and Windows Server (Windows CSRSS Elevation of Privilege Vulnerability). Assigned CVE-2022-22047, this vulnerability was discovered by Microsoft internally and credited to the Microsoft Security Response Center. As this vulnerability was disclosed by Microsoft, details surrounding this exploit are limited. Attackers successfully exploiting this vulnerability will gain SYSTEM privileges. Patches for this vulnerability were rolled out in this month's July 2022 release, which addresses 84 …

csrss cve cve-2022-22047 exploitation privilege vulnerability windows

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 3 hours ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 3 hours ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 1 week, 2 days ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 3 weeks ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 4 weeks ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 4 weeks, 1 day ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 4 weeks, 2 days ago | fortiguard.fortinet.com
attack cyber entities espionage +15
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month, 1 week ago | fortiguard.fortinet.com
attacker authentication authentication bypass bypass +15
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 month, 4 weeks ago | fortiguard.fortinet.com
access advisory application attackers +28

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Director, Threat and Attack Research

@ Singtel | Macquarie Park, Australia
View on infosec-jobs.com

Manager Information Security

@ Diebold Nixdorf | Remote, United States
View on infosec-jobs.com

Senior Analyst, IT Information Security

@ IHG | GA, United States
View on infosec-jobs.com

Eurizon Capital SGR - Compliance Senior Specialist

@ Intesa Sanpaolo | Milano, IT
View on infosec-jobs.com

Tier 1 Fusion Security Analyst

@ Nielsen | Bengaluru, India
View on infosec-jobs.com
View more jobs