CVE-2022-40732

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service.

CVSS v3 5.0 MEDIUM

5.0^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.3 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1514	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:microsoft:windows_11_21h2:10.0.22000.593:::::::*
	cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.643:::::::*

History

No history.

Information

Published : 2024-12-18 23:15

Updated : 2025-08-26 16:11

NVD link : CVE-2022-40732

Mitre link : CVE-2022-40732

CVE.ORG link : CVE-2022-40732

JSON object : View

Products Affected

microsoft

windows_server_2022
windows_11_21h2

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2022-40732", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.3}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-12-18T23:15:07.060", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1514", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service."}, {"lang": "es", "value": "Existe una vulnerabilidad de violaci\u00f3n de acceso en la funcionalidad DirectComposition del controlador win32kbase.sys versi\u00f3n 10.0.22000.593 como parte de Windows 11 versi\u00f3n 22000.593 y versi\u00f3n 10.0.20348.643 como parte de Windows Server 2022 versi\u00f3n 20348.643. Un conjunto de llamadas al sistema especialmente manipulado puede provocar un reinicio. Un usuario sin privilegios puede ejecutar c\u00f3digo especialmente manipulado para activar una denegaci\u00f3n de servicio."}], "lastModified": "2025-08-26T16:11:12.313", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:10.0.22000.593:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "996BBFF9-9F06-4CD3-ACF8-4B6D34C380FF"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.643:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE2FCCB0-B2D4-475A-BCA8-C2F943EB26A3"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}