Security News > 2022 > July > Windows Network File System flaw results in arbitrary code execution as SYSTEM

Windows Network File System flaw results in arbitrary code execution as SYSTEM
2022-07-15 14:15

Trend Micro Research has published an anatomy of a Windows remote code execution vulnerability lurking in the Network File System.

The vulnerability in question, CVE-2022-30136, was patched by Microsoft in June but the research makes for interesting reading both in terms of the vulnerability itself and the potential for exploitation.

The vulnerability was contained within the Windows Network Filing System and was due to improper handling of NFSv4 requests.

The roots of NFS go right back to the work of Sun Microsystems in 1984 and the vulnerability existed in the Windows implementation.

The Windows vulnerability was "Due to incorrect calculation of the size of response messages," according to the researchers.

Crafty attackers could use this vulnerability to fire off a request with enough operations to create a large size miscalculation.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/07/15/windows_nfs_patch/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-06-15 CVE-2022-30136 Unspecified vulnerability in Microsoft products
Windows Network File System Remote Code Execution Vulnerability
0.0