Description
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.
References (4)
Core 4
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.rapid7.com/blog/post/2022/06/14/cve-2022-32230-windows-smb-denial-of-service-vulnerability-fixed/
Patch, Vendor Advisory x_refsource_confirm
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-32230
Exploit, Third Party Advisory x_refsource_misc
https://github.com/zeroSteiner/metasploit-framework/blob/feat/mod/cve-2022-32230/modules/auxiliary/dos/smb/smb_filenormalizednameinformation.rb
Patch, Vendor Advisory x_refsource_misc
https://support.microsoft.com/en-us/topic/may-10-2022-kb5013942-os-builds-19042-1706-19043-1706-and-19044-1706-60b51119-85be-4a34-9e21-8954f6749504
Scores
CVSS v3
7.5
EPSS
0.2890
EPSS Percentile
96.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (6)
microsoft/windows_10
20h2
microsoft/windows_10
21h1
microsoft/windows_10
21h2
microsoft/windows_10
1809
microsoft/windows_11
microsoft/windows_server_2019
Published
Jun 14, 2022
Tracked Since
Feb 18, 2026