Main Vulnerability Database Exploits ID:7337 - Exploit for Out-of-bounds read in Windows and Windows Server - CVE-2022-21877

ID:7337 - Exploit for Out-of-bounds read in Windows and Windows Server - CVE-2022-21877

Published: February 9, 2022

Vulnerability identifier: #VU59517

Vulnerability risk: Low

CVE-ID: CVE-2022-21877

CWE-ID: CWE-125

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/Big5-sec/cve-2022-21877

Vulnerability description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the Storage Spaces Controller (spaceport.sys drive). A local user can run a specially crafted program to trigger an out-of-bounds read error and read contents of memory with SYSTEM privileges..

Remediation

Install updates from vendor's website.

ID:7337 - Exploit for Out-of-bounds read in Windows and Windows Server - CVE-2022-21877

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human