CVE-2022-26926

HIGH

Windows Address Book - Remote Code Execution

Title source: llm
STIX 2.1

Description

Windows Address Book Remote Code Execution Vulnerability

Scores

CVSS v3 7.8
EPSS 0.0254
EPSS Percentile 83.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-284
Status published
Products (36)
Microsoft/Windows 10 Version 1507 10.0.10240.0 - 10.0.10240.19297
Microsoft/Windows 10 Version 1607 10.0.14393.0 - 10.0.14393.5125
Microsoft/Windows 10 Version 1809 10.0.0 - 10.0.17763.2928
Microsoft/Windows 10 Version 1809 10.0.17763.0 - 10.0.17763.2928
Microsoft/Windows 10 Version 1909 10.0.0 - 10.0.18363.2274
Microsoft/Windows 10 Version 20H2 10.0.0 - 10.0.19042.1706
Microsoft/Windows 10 Version 21H1 10.0.0 - 10.0.19043.1706
Microsoft/Windows 10 Version 21H2 10.0.19043.0 - 10.0.19043.1706
Microsoft/Windows 11 version 21H2 10.0.0 - 10.0.22000.675
Microsoft/Windows 7 6.1.0 - 6.1.7601.25954
... and 26 more
Published May 10, 2022
Tracked Since Feb 18, 2026