The Cybersecurity and Infrastructure Security Agency (CISA) has added another vulnerability (CVE-2022-21882) to its Known Exploited Vulnerabilities Catalog.
CISA added a Microsoft Windows Win32k Elevation of Privilege Vulnerability CVE-2022-21882 to its Known Exploited Vulnerabilities database “based on evidence that threat actors are actively exploiting the vulnerabilities.”
This issue was patched by Microsoft as part of January 2022 patch releases.
In a previously published advisory for CVE-2022-21882, Microsoft warned “a local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver” and confirmed “exploitation was more likely.”
The issues affects multiple versions of Windows 10 and Windows Server OS (e.g., Server 2019, 2022).