{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2022-042.pdf"
    },
    "title": "Critical Vulnerability in Windows NFS",
    "serial_number": "2022-042",
    "publish_date": "15-06-2022 14:09:00",
    "description": "On the 14th of June 2022, Microsoft - as part of the June Patch Tuesday release - issued several (55) security fixes for various vulnerabilities. Among others, the update fixes the critical vulnerability \"CVE-2022-30136\", which is an RCE vulnerability in the Network File System (NFS). The vulnerability can be exploited by an unauthenticated attacker using a specially crafted call to an NFS service. The vulnerability is not exploitable in NFSV2.0 or NFSV3.0.<br>There is no evidence that this vulnerability is exploited in the wild. However, it is recommended to patch as soon as possible.",
    "url_title": "2022-042",
    "content_markdown": "---\ntitle: 'Critical Vulnerability in Windows NFS'\nversion: '1.0'\nnumber: '2022-042'\noriginal_date: 'June 14, 2022'\ndate: 'June 15, 2022'\n---\n\n_History:_\n\n* _15/06/2022 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn the 14th of June 2022, Microsoft -- as part of the June Patch Tuesday release -- issued several (55) security fixes for various vulnerabilities. Among others, the update fixes the **critical vulnerability** `CVE-2022-30136`, which is an RCE vulnerability in the Network File System (NFS). The vulnerability can be exploited by an **unauthenticated attacker** using a specially crafted call to an NFS service [1]. The vulnerability is not exploitable in NFSV2.0 or NFSV3.0 [2].\n\nThere is no evidence that this vulnerability is exploited in the wild. However, it is recommended to patch as soon as possible.\n\n# Technical Details\n\nThe vulnerability tracked as `CVE-2022-30136` (CVSS score: 9.8) affects Windows assets running NFS. This vulnerability is not exploitable in NFSV2.0 or NFSV3.0 [2]. Microsoft has not provided more technical details about this vulnerability at this time.\n\n# Affected Products\n\nThis vulnerability affects the following Windows products with NFS enabled (also Server Core installation):\n\n- Windows Server 2012 R2;\n- Windows Server 2012;\n- Windows Server 2016;\n- Windows Server 2019.\n\n# Recommendations\n\nCERT-EU recommends applying the patches provided by Microsoft as soon as possible.\n\n## Mitigations\n\nThe advisory notes that NFS versions 2.0 and 3.0 are not affected and that administrators can disable NFS version 4.1 to mitigate this flaw [2].\n\n# References\n\n[1] <https://www.tenable.com/blog/microsofts-june-2022-patch-tuesday-addresses-55-cves-cve-2022-30190>\n\n[2] <https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30136>\n\n[3] <https://media.cert.europa.eu/static/SecurityAdvisories/2022/CERT-EU-SA2022-039.pdf>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>15/06/2022 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On the 14th of June 2022, Microsoft -- as part of the June Patch Tuesday release -- issued several (55) security fixes for various vulnerabilities. Among others, the update fixes the <strong>critical vulnerability</strong> <code>CVE-2022-30136</code>, which is an RCE vulnerability in the Network File System (NFS). The vulnerability can be exploited by an <strong>unauthenticated attacker</strong> using a specially crafted call to an NFS service [1]. The vulnerability is not exploitable in NFSV2.0 or NFSV3.0 [2].</p><p>There is no evidence that this vulnerability is exploited in the wild. However, it is recommended to patch as soon as possible.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerability tracked as <code>CVE-2022-30136</code> (CVSS score: 9.8) affects Windows assets running NFS. This vulnerability is not exploitable in NFSV2.0 or NFSV3.0 [2]. Microsoft has not provided more technical details about this vulnerability at this time.</p><h2 id=\"affected-products\">Affected Products</h2><p>This vulnerability affects the following Windows products with NFS enabled (also Server Core installation):</p><ul><li>Windows Server 2012 R2;</li><li>Windows Server 2012;</li><li>Windows Server 2016;</li><li>Windows Server 2019.</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU recommends applying the patches provided by Microsoft as soon as possible.</p><h3 id=\"mitigations\">Mitigations</h3><p>The advisory notes that NFS versions 2.0 and 3.0 are not affected and that administrators can disable NFS version 4.1 to mitigate this flaw [2].</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.tenable.com/blog/microsofts-june-2022-patch-tuesday-addresses-55-cves-cve-2022-30190\">https://www.tenable.com/blog/microsofts-june-2022-patch-tuesday-addresses-55-cves-cve-2022-30190</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30136\">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30136</a></p><p>[3] <a rel=\"noopener\" target=\"_blank\" href=\"https://media.cert.europa.eu/static/SecurityAdvisories/2022/CERT-EU-SA2022-039.pdf\">https://media.cert.europa.eu/static/SecurityAdvisories/2022/CERT-EU-SA2022-039.pdf</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}