CVE-2022-38028
| CVE Published | 2022-10-11 |
|---|---|
| Related Vendor(s) | microsoft |
| Related Product(s) | windows_server_2022, windows_10_21h2, windows_rt_8.1, windows_7, windows_8.1, windows_server_2016, windows_10_1607, windows_11_22h2, windows_10_1809, windows_10_1507, windows_10_20h2, windows_11, windows_server_2008, windows_10_21h1, windows_10, windows_server_2019, windows_server_2012 |
| Exploitation Reported (CISA KEV) | 2024-04-23 |
| CVSS 3 Base Score | 7.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | LOCAL |
Windows Print Spooler Elevation of Privilege Vulnerability
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph
Threat Reports Related to CVE-2022-38028
Report
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
This blog post by researchers at Microsoft Threat Intelligence outlines activity they observed by Forest Blizzard using a tool they named ...