CVE-2022-24500

HIGH EXPLOITED RANSOMWARE

Windows SMB - RCE

Title source: llm

Description

Windows SMB Remote Code Execution Vulnerability

Exploits (3)

nomisec WORKING POC 10 stars

by 0x7n6 · poc

https://github.com/0x7n6/CVE-2022-24500

View Code ZIP pw:eip

inthewild

poc

https://github.com/rkxxz/cve-2022-24500

View on inthewild

inthewild

poc

https://github.com/daro1967/cve-2022-24500-rce

View on inthewild

References (1)

[Vendor Advisory] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24500

Scores

CVSS v3 8.8

EPSS 0.4466

EPSS Percentile 97.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-01-17

Ransomware Use Confirmed

Status published

Products (19)

microsoft/windows_10

microsoft/windows_10 20h2

microsoft/windows_10 21h1

microsoft/windows_10 21h2

microsoft/windows_10 1607

microsoft/windows_10 1809

microsoft/windows_10 1909

microsoft/windows_11 (2 CPE variants)

microsoft/windows_7

microsoft/windows_8.1

... and 9 more

Published Apr 15, 2022

Tracked Since Feb 18, 2026