Vulnerability identifier: #VU63784

Vulnerability risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2022-30190

CWE-ID: CWE-78

Exploitation vector: Network

Exploits in database: 41

• August 4, 2023
  • CVE-2022-30190 (Microsoft Office Word Rce 复现(CVE-2022-30190)) [Github]
• July 10, 2023
  • CVE-2022-30190 (Follina (CVE-2022-30190) is a Microsoft Office zero-day vulnerability that has recently been discovered. It’s a high-severity vulnerability that hackers can leverage for remote code execution (RCE) attacks.) [Github]
• December 29, 2022
  • Enterprise-Cybersecurity (CVE-2022-30190(follina)) [Github]
• December 7, 2022
  • Follina-CVE-2022-30190-Sample (Educational Exploit for CVE-2022-30190 (Follina)) [Github]
• November 26, 2022
  • msdt-follina-office-rce (CVE-2022-30190) [Github]
• November 20, 2022
  • FollinaXploit (A Command Line based python tool for exploit Zero-Day vulnerability in MSDT (Microsoft Support Diagnostic Tool) also know as 'Follina' CVE-2022-30190.) [Github]
• November 1, 2022
  • CVE-2022-30190 (A very simple MSDT "Follina" exploit **patched**) [Github]
• October 26, 2022
  • CVE-2022-30190 () [Github]
• September 28, 2022
  • CVE-2022-30190 (CVE-2022-30190 (Exploit Microsoft)) [Github]
• September 15, 2022
  • CVE-2022-30190 (A proof of concept for CVE-2022-30190 (Follina).) [Github]
• August 5, 2022
  • five-nights-at-follina-s (A Fullstack Academy Cybersecurity project examining the full cycle of the Follina (CVE-2022-30190) vulnerability, from exploit to detection and defense.) [Github]
• July 4, 2022
  • Follina-CVE-2022-30190-POC () [Github]
• June 26, 2022
  • Follina-CVE-2022-30190-PoC-sample (Educational Follina PoC Tool) [Github]
• June 16, 2022
  • CVE-2022-30190_Temporary_Fix_Source_Code (These are the source codes of the Python scripts to apply the temporary protection against the CVE-2022-30190 vulnerability (Follina)) [Github]
  • follina-CVE-2022-30190 () [Github]
• June 12, 2022
  • follina_cve_2022-30190 (proof of concept to CVE-2022-30190 (follina)) [Github]
• June 9, 2022
  • Follina_Exploiter_CLI (Exploit Microsoft Zero-Day Vulnerability Follina (CVE-2022-30190)) [Github]
  • follina-spring (Server to host/activate Follina payloads & generator of malicious Word documents exploiting the MS-MSDT protocol. (CVE-2022-30190)) [Github]
  • Deathnote (Proof of Concept of CVE-2022-30190) [Github]
• June 8, 2022
  • CVE-2022-30190 (Microsoft Support Diagnostic Tool (CVE-2022-30190)) [Github]
• June 6, 2022
  • Microsoft Office Word MSDTJS [Metasploit]
  • msdt-follina (Microsoft MS-MSDT Follina (0-day Vulnerability) CVE-2022-30190 Attack Vector) [Github]
• June 3, 2022
  • follina (All about CVE-2022-30190, aka follina, that is a RCE vulnerability that affects Microsoft Support Diagnostic Tools (MSDT) on Office apps such as Word. This is a very simple POC, feel free to check the sources below for more threat intelligence.) [Github]
• June 2, 2022
  • CVE-2022-30190 (CVE-2022-30190 or "Follina" 0day proof of concept) [Github]
  • CVE-2022-30190 () [Github]
  • MS-MSDT-Office-RCE-Follina (CVE-2022-30190 | MS-MSDT Follina One Click) [Github]
  • CVE-2022-30190---Follina---Poc-Exploit (Simple Follina poc exploit) [Github]
  • CVE-2022-30190 () [Github]
  • CVE-2022-30190 () [Github]
  • CVE-2022-30190-follina-Office-MSDT-Fixed (CVE-2022-30190-follina.py-修改版，可以自定义word模板，方便实战中钓鱼使用。) [Github]
• June 1, 2022
  • CVE-2022-30190-follina (Just another PoC for the new MSDT-Exploit) [Github]
  • MSDT-0-Day-CVE-2022-30190-Poc () [Github]
  • gollina (Follina MS-MSDT 0-day MS Office RCE (CVE-2022-30190) PoC in Go) [Github]
  • CVE-2022-30190-POC () [Github]
• May 31, 2022
  • CVE-2022-30190 () [Github]
  • CVE-2022-30190 (Microsoft Office Word Rce 复现(CVE-2022-30190)) [Github]
  • MSDT_CVE-2022-30190 (This Repository Talks about the Follina MSDT from Defender Perspective) [Github]
  • cve-2022-30190 (Aka Follina = benign POC.) [Github]
  • CVE-2022-30190 () [Github]
  • PoC-CVE-2022-30190 (POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina) [Github]
  • CVE-2022-30190 (CVE-2022-30190 Follina POC) [Github]

Impact: Code execution

Vulnerable software:
Windows Server
Operating systems & Components / Operating system
Windows
Operating systems & Components / Operating system

Vendor: Microsoft