CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jun 15, 2022
Description
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.
EPSS — Exploit Probability
65.1%
Higher than 98.4% of all CVEs
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2016-7256
Risk Assessment
HIGHIn CISA KEV
High EPSS
Details
- Severity
- High
- EPSS
- 65.1%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 0
Timeline
Published
May 25, 2022
Added to KEV
May 25, 2022
Remediation Due
Jun 15, 2022