CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Mar 24, 2022
High
CISA KEVCVE-2002-0367
Microsoft—Windows
smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2002-0367
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Mar 3, 2022
- KEV Added
- Mar 3, 2022
- Due Date
- Mar 24, 2022
- Related Articles
- 0
Vendor
Microsoft
Windows