CVE Alert: CVE-2022-40732

Vulnerability Summary: CVE-2022-40732

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service.

Affected Endpoints:

No affected endpoints listed.

Published Date:

12/18/2024, 11:15:07 PM

⚠️ CVSS Score:

CVSS v3 Score: 5 (Medium)

Exploit Status:

Not Exploited

References:

https://talosintelligence.com/vulnerability_reports/TALOS-2022-1514

Recommended Action:

No proposed action available. Please refer to vendor documentation for updates.

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee

Patreon

To keep up to date follow us on the below channels.

Tags: CVE, OSINT, threatintel