What is CVE-2022-21849?

CVE-2022-21849 is a critical vulnerability known as Windows IKE Extension Remote Code Execution Vulnerability.

Which software is affected by CVE-2022-21849?

Microsoft Windows 10, Microsoft Windows 11, Microsoft Windows Server, Microsoft Windows Server 2016, and Microsoft Windows Server 2019 are affected by CVE-2022-21849.

What is the severity of CVE-2022-21849?

CVE-2022-21849 has a severity rating of 9.8 (critical).

How can I fix CVE-2022-21849?

To fix CVE-2022-21849, apply the security update provided by Microsoft through the official advisory - reference link: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21849.

Where can I find more information about CVE-2022-21849?

You can find more information about CVE-2022-21849 in the official Microsoft security advisory - reference link: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21849.

Vulnerability/
CVE-2022-21849

critical

9.8

11/1/2022

2/1/2025

CVE-2022-21849: Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability

First published: Tue Jan 11 2022(Updated: )

Windows IKE Extension Remote Code Execution Vulnerability.

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows 10
Microsoft Windows 10
Microsoft Windows 10	=20h2
Microsoft Windows 10	=20h2
Microsoft Windows 10	=20h2
Microsoft Windows 10	=21h1
Microsoft Windows 10	=21h1
Microsoft Windows 10	=21h1
Microsoft Windows 10	=21h2
Microsoft Windows 10	=21h2
Microsoft Windows 10	=21h2
Microsoft Windows 10	=1607
Microsoft Windows 10	=1607
Microsoft Windows 10	=1809
Microsoft Windows 10	=1809
Microsoft Windows 10	=1809
Microsoft Windows 10	=1909
Microsoft Windows 10	=1909
Microsoft Windows 10	=1909
Microsoft Windows 11
Microsoft Windows 11
Microsoft Windows Server	=20h2
Microsoft Windows Server	=2022
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022		fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows 10	=20H2	fix available externally
Microsoft Windows 10	=20H2	fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 10	=21H1	fix available externally
Microsoft Windows 10	=1909	fix available externally
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows Server 2022		fix available externally
Microsoft Windows 10	=21H1	fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows 10	=1607	fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows 10	=21H1	fix available externally
Microsoft Windows Server	=20H2	fix available externally
Microsoft Windows 10	=1909	fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows 10	=1607	fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows 10	=1909	fix available externally

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21849

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-21849?
CVE-2022-21849 is a critical vulnerability known as Windows IKE Extension Remote Code Execution Vulnerability.
Which software is affected by CVE-2022-21849?
Microsoft Windows 10, Microsoft Windows 11, Microsoft Windows Server, Microsoft Windows Server 2016, and Microsoft Windows Server 2019 are affected by CVE-2022-21849.
What is the severity of CVE-2022-21849?
CVE-2022-21849 has a severity rating of 9.8 (critical).
How can I fix CVE-2022-21849?
To fix CVE-2022-21849, apply the security update provided by Microsoft through the official advisory - reference link: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21849.
Where can I find more information about CVE-2022-21849?
You can find more information about CVE-2022-21849 in the official Microsoft security advisory - reference link: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21849.

agent/author
agent/description
agent/type
collector/nvd-index
agent/software-canonical-lookup-request
agent/title
agent/remedy
agent/references
collector/msrc-cve
source/Microsoft
agent/software-canonical-lookup
agent/severity
agent/first-publish-date
agent/softwarecombine
agent/event
collector/nvd-api
source/NVD
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
vendor/microsoft
canonical/microsoft windows 10
version/microsoft windows 10/20h2
version/microsoft windows 10/21h1
version/microsoft windows 10/21h2
version/microsoft windows 10/1607
version/microsoft windows 10/1809
version/microsoft windows 10/1909
canonical/microsoft windows 11
canonical/microsoft windows server
version/microsoft windows server/20h2
version/microsoft windows server/2022
canonical/microsoft windows server 2016
canonical/microsoft windows server 2019
canonical/microsoft windows server 2022
version/microsoft windows 11/21h2