Windows Local Security Authority (LSA) Remote Code Execution Vulnerability - CVE-2022-24487ID: oval:org.secpod.oval:def:78718 | Date: (C)2022-04-13 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
Windows Local Security Authority (LSA) Remote Code Execution Vulnerability. In order to exploit this vulnerability the attacker is required to be a local user with a smart card or already logged on remotely through RDP to the remote machine. The authorized attacker could then exploit this Windows LSASS vulnerability by sending, from a user mode application, specially crafted malicious credentials directed at the Windows machine, which could lead to remote code execution.
Platform: |
Microsoft Windows 11 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2022 |
Microsoft Windows 10 |
Microsoft Windows Server |