CVE-2022-38028

high

Description

Windows Print Spooler Elevation of Privilege Vulnerability

References

https://thehackernews.com/2024/05/microsoft-outlook-flaw-exploited-by.html

https://www.hivepro.com/threat-digest/attacks-vulnerabilities-and-actors-22-to-28-april-2024/

https://thecyberthrone.in/2024/04/27/cisa-adds-cve-2022-38028-to-kev-catalog/

https://www.hivepro.com/threat-advisory/apt28-exploits-windows-print-spooler-flaw-with-gooseegg/

https://securityaffairs.com/162295/hacking/cisa-adds-microsoft-windows-print-spooler-flaw-to-its-known-exploited-vulnerabilities-catalog.html

https://www.infosecurity-magazine.com/news/russian-apt28-gooseegg-hacking/?&web_view=true

https://arstechnica.com/security/2024/04/kremlin-backed-hackers-exploit-critical-windows-vulnerability-reported-by-the-nsa/

https://www.theregister.com/2024/04/23/russia_fancy_bear_goose_egg/

https://securityaffairs.com/162154/apt/apt28-gooseegg-tool-win-bug.html

https://www.bleepingcomputer.com/news/security/microsoft-russian-apt28-hackers-exploit-windows-flaw-reported-by-nsa-using-gooseegg-tool/

https://www.bleepingcomputer.com/news/security/microsoft-apt28-hackers-exploit-windows-flaw-reported-by-nsa/

https://www.microsoft.com/en-us/security/blog/2024/04/22/analyzing-forest-blizzards-custom-post-compromise-tool-for-exploiting-cve-2022-38028-to-obtain-credentials/

https://www.schneier.com/blog/archives/2024/04/friday-squid-blogging-squid-trackers.html

https://www.scmagazine.com/news/russias-sandworm-apt-linked-to-attack-on-texas-water-plant

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38028

Details

Source: Mitre, NVD

Published: 2022-10-11

Updated: 2024-05-23

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High