Critical Vulnerability in Windows NFS (CERT-EU Security Advisory 2022-042)
On the 14th of June 2022, Microsoft - as part of the June Patch Tuesday release - has issued several (55) security fixes for various vulnerabilities. Among others, the update fixes the critical vulnerability "CVE-2022-30136" which is a RCE vulnerability in the network file system (NFS). The vulnerability can be exploited by an unauthenticated attacker using a specially crafted call to a NFS service. The vulnerability is not exploitable in NFSV2.0 or NFSV3.0. There is no evidence that this vulnerability is exploited in the wild. However, it is recommended to patch as soon as possible.
On the 14th of June 2022, Microsoft - as part of the June Patch Tuesday release - has issued several (55) security fixes for various vulnerabilities. Among others, the update fixes the critical vulnerability "CVE-2022-30136" which is a RCE vulnerability in the network file system (NFS). The vulnerability can be exploited by an unauthenticated attacker using a specially crafted call to a NFS service. The vulnerability is not exploitable in NFSV2.0 or NFSV3.0. There is no evidence that this vulnerability is exploited in the wild. However, it is recommended to patch as soon as possible.
What's Your Reaction?
