HIGH🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2022-26925

CVSS 8.1v3.1pub. 2022-05-10upd. 2025-10-30

Windows LSA Spoofing Vulnerability

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Microsoft Windows 10 1507

    OS
    Microsoft
    < 10.0.10240.19297
  • Microsoft Windows 10 1607

    OS
    Microsoft
    < 10.0.14393.5125
  • Microsoft Windows 10 1809

    OS
    Microsoft
    < 10.0.17763.2928
  • Microsoft Windows 10 1909

    OS
    Microsoft
    < 10.0.18363.2274
  • Microsoft Windows 10 20h2

    OS
    Microsoft
    < 10.0.19042.1706
  • Microsoft Windows 10 21h1

    OS
    Microsoft
    < 10.0.19043.1706
  • Microsoft Windows 10 21h2

    OS
    Microsoft
    < 10.0.19044.1706
  • Microsoft Windows 11 21h2

    OS
    Microsoft
    < 10.0.22000.675
  • Microsoft Windows 7

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows 8.1

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Rt 8.1

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Server 2008

    OS
    Microsoft
    r2
  • Microsoft Windows Server 2012

    OS
    Microsoft
    r2
  • Microsoft Windows Server 2016

    OS
    Microsoft
    < 10.0.14393.5125
  • Microsoft Windows Server 2019

    OS
    Microsoft
    < 10.0.17763.2928
  • Microsoft Windows Server 2022

    OS
    Microsoft
    < 10.0.20348.707
  • Microsoft Windows Server 20h2

    OS
    Microsoft
    < 10.0.19042.1706

CISA KEV — detailsi

Vendori
Microsoft
Producti
Windows
Added to KEVi
July 1, 2022
Remediation deadline (US Federal)i
July 22, 2022(overdue)
Required action (CISA)i

Apply remediation actions outlined in CISA guidance [https://www.cisa.gov/guidance-applying-june-microsoft-patch].

CISA descriptioni

Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 22 lipca 2022
CWE
References

Related vulnerabilities

CVE-2025-59287CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE w Windows Server Update Service (WSUS) — deserializacja danych

CVE-2021-31166CRITICAL9.8⚠ KEVten sam produkt

HTTP Protocol Stack Remote Code Execution Vulnerability

CVE-2020-1350CRITICAL10.0⚠ KEVten sam produkt

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly ...

CVE-2020-1040CRITICAL9.0⚠ KEVten sam produkt

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly val...

CVE-2020-0796CRITICAL10.0⚠ KEVten sam produkt

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) ...