THREATOPS
THREAT OPSCVEs › CVE-2022-30190

CVE-2022-30190 — Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

CISA KEVExploited: confirmedMicrosoft

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.

Vulnerability details