Cybersecurity Announcement: Microsoft Windows Support Diagnostic Tool and Point-to-Point Protocol Remote Code Execution Vulnerability (CVE-2022-34713) and (CVE-2022-30133)

About the Event

Microsoft released announcements for known vulnerabilities addressed in their Tuesday Patch release. Two are considered Remote Code Execution vulnerabilities, meaning an attacker can exploit the system vulnerabilities remotely.

Actions to Consider

Cybersecurity recommends expedited patching for these vulnerabilities and suggests a target of 1 week from patch release. CVE-2022-30133 can be mitigated, with a temporary workaround until patch install, by blocking traffic through port TCP/1723 for systems that are internet facing.

Event Impact

CVE-2022-34713, CVSSv3 score 7.8, exploits a vulnerability by convincing users to click a link or download a specially crafted file from an email. CVE-2022-30133, CVSSv3 score 9.8, does not require any user interaction and requires no privileges. The attacker exploits the vulnerability by sending a specially crafted connection request over port 1723 to a RAS server.   References:

• https://isc.sans.edu/diary/Microsoft+August+2022+Patch+Tuesday/28924
• https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34713
• https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30133

  Security Analyst: Vince Abrahamson