What is CVE-2022-35756?

CVE-2022-35756 is a Windows Kerberos Elevation of Privilege Vulnerability.

Which software products are affected by CVE-2022-35756?

Windows 10, Windows Server 2012, Windows Server 2008 R2, Windows 7, Windows 11, Windows Server 2012 R2, Windows 8.1, Windows RT 8.1, Windows Server 2022, Windows Server 2016, Windows Server 2019 are affected by CVE-2022-35756.

What is the severity of CVE-2022-35756?

CVE-2022-35756 has a severity level of high.

How can I fix CVE-2022-35756?

You can fix CVE-2022-35756 by applying the relevant patches provided by Microsoft for the affected software products.

Where can I find more information about CVE-2022-35756?

You can find more information about CVE-2022-35756 on the Microsoft Security Response Center website.

Vulnerability/
CVE-2022-35756

high

7.8

9/8/2022

31/5/2023

2/10/2024

CVE-2022-35756: Windows Kerberos Elevation of Privilege Vulnerability

First published: Tue Aug 09 2022(Updated: )

Windows Kerberos Elevation of Privilege Vulnerability

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows 10	=20H2	fix available externally
Microsoft Windows 10 1507	<10.0.10240.19387
Microsoft Windows 10 1507	<10.0.10240.19387
Microsoft Windows 10 1607	<10.0.14393.5291
Microsoft Windows 10 1607	<10.0.14393.5291
Microsoft Windows 10 1809	<10.0.17763.3287
Microsoft Windows 10 1809	<10.0.17763.3287
Microsoft Windows 10 1809	<10.0.17763.3287
Microsoft Windows 10 20h2	<10.0.19042.1889
Microsoft Windows 10 20h2	<10.0.19042.1889
Microsoft Windows 10 20h2	<10.0.19042.1889
Microsoft Windows 10 21h1	<10.0.19043.1889
Microsoft Windows 10 21h1	<10.0.19043.1889
Microsoft Windows 10 21h1	<10.0.19043.1889
Microsoft Windows 11 21h2	<10.0.22000.856
Microsoft Windows 11 21h2	<10.0.22000.856
Microsoft Windows 7	=sp1
Microsoft Windows 8.1	<6.3.9600.20520
Microsoft Windows RT 8.1	<6.3.9600.20520
Microsoft Windows Server 2008	=r2-sp1
Microsoft Windows Server 2012
Microsoft Windows Server 2012	=r2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows Server 20h2
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally
		fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally
	=1607	fix available externally
		fix available externally
		fix available externally
	=1607	fix available externally
	=21H2	fix available externally
	=20H2	fix available externally
	=21H2	fix available externally
	=20H2	fix available externally
	=21H2	fix available externally
	=21H2	fix available externally
	=21H2	fix available externally
	=20H2	fix available externally
	=21H1	fix available externally
		fix available externally
		fix available externally
	=21H1	fix available externally
	=21H1	fix available externally
	=1809	fix available externally
		fix available externally
	=1809	fix available externally
	=1809	fix available externally
		fix available externally

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35756

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35756 (Advisory)

Frequently Asked Questions

What is CVE-2022-35756?
CVE-2022-35756 is a Windows Kerberos Elevation of Privilege Vulnerability.
Which software products are affected by CVE-2022-35756?
Windows 10, Windows Server 2012, Windows Server 2008 R2, Windows 7, Windows 11, Windows Server 2012 R2, Windows 8.1, Windows RT 8.1, Windows Server 2022, Windows Server 2016, Windows Server 2019 are affected by CVE-2022-35756.
What is the severity of CVE-2022-35756?
CVE-2022-35756 has a severity level of high.
How can I fix CVE-2022-35756?
You can fix CVE-2022-35756 by applying the relevant patches provided by Microsoft for the affected software products.
Where can I find more information about CVE-2022-35756?
You can find more information about CVE-2022-35756 on the Microsoft Security Response Center website.

collector/nvd-latest
collector/msrc-cve
agent/type
agent/first-publish-date
agent/references
agent/title
agent/severity
agent/remedy
agent/author
agent/description
collector/nvd-index
agent/software-canonical-lookup-request
collector/mitre-cve
source/MITRE
source/Microsoft
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/event
agent/software-canonical-lookup
vendor/microsoft
canonical/microsoft windows 10
version/microsoft windows 10/20h2
canonical/microsoft windows 10 1507
canonical/microsoft windows 10 1607
canonical/microsoft windows 10 1809
canonical/microsoft windows 10 20h2
canonical/microsoft windows 10 21h1
canonical/microsoft windows 11 21h2
canonical/microsoft windows 7
version/microsoft windows 7/sp1
canonical/microsoft windows 8.1
canonical/microsoft windows rt 8.1
canonical/microsoft windows server 2008
version/microsoft windows server 2008/r2-sp1
canonical/microsoft windows server 2012
version/microsoft windows server 2012/r2
canonical/microsoft windows server 2016
canonical/microsoft windows server 2019
canonical/microsoft windows server 2022
canonical/microsoft windows server 20h2
version/microsoft windows 10/1809
version/microsoft windows 10/21h2
version/microsoft windows 10/1607
canonical/microsoft windows 11
version/microsoft windows 11/21h2
canonical/microsoft windows server 2008 r2
version/microsoft windows 10/21h1
canonical/microsoft windows server 2012 r2
canonical/microsoft windows server
version/microsoft windows server/20h2
canonical/microsoft windows 8.1 for 32-bit systems
canonical/microsoft windows 8.1 for x64-based systems