How severe is CVE-2022-29800?

CVE-2022-29800 has a CVSS v3 score of 4.7 (MEDIUM).

CVE-2022-29800

Name: windows_defender_for_endpoint
Author: microsoft

4.7MEDIUM

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being

게시됨: 9/21/2022업데이트됨: 5/28/2025

설명

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.

AI 분석AI 기반

영향받는 제품

microsoftwindows_defender_for_endpoint

참조

https://www.microsoft.com/security/blog/2022/04/26/microsoft-finds-new-elevation-of-privilege-linux-vulnerability-nimbuspwn/
ExploitTechnical DescriptionVendor Advisory
https://www.microsoft.com/security/blog/2022/04/26/microsoft-finds-new-elevation-of-privilege-linux-vulnerability-nimbuspwn/
ExploitTechnical DescriptionVendor Advisory