CVE-2010-2568
Summary
| CVE | CVE-2010-2568 |
|---|---|
| State | PUBLISHED |
| Assigner | microsoft |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-07-22 05:43:49 UTC |
| Updated | 2026-04-22 10:35:13 UTC |
| Description | Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems. |
Risk And Classification
Primary CVSS: v3.1 7.8 HIGH from ADP
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.921340000 probability, percentile 0.997140000 (date 2026-04-21)
CISA KEV: Listed on 2022-09-15; due 2022-10-06; ransomware use Unknown
Problem Types: NVD-CWE-noinfo | n/a | CWE-noinfo Not enough information
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | ADP | DECLARED | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 3.1 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | Secondary | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 2.0 | [email protected] | Primary | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C |
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
NoneUser Interaction
RequiredScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:N/AC:M/Au:N/C:C/I:C/A:C
CISA Known Exploited Vulnerability
| Vendor | Microsoft |
|---|---|
| Product | Windows |
| Name | Microsoft Windows Remote Code Execution Vulnerability |
| Required Action | Apply updates per vendor instructions. |
| Notes | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046; https://nvd.nist.gov/vuln/detail/CVE-2010-2568 |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows 7 | - | All | All | All |
| Operating System | Microsoft | Windows Server 2003 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | - | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | r2 | All | All | All |
| Operating System | Microsoft | Windows Server 2008 | r2 | All | All | All |
| Operating System | Microsoft | Windows Vista | - | sp1 | All | All |
| Operating System | Microsoft | Windows Vista | - | sp2 | All | All |
| Operating System | Microsoft | Windows Xp | - | sp2 | All | All |
| Operating System | Microsoft | Windows Xp | - | sp3 | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| US-CERT Vulnerability Note VU#940193 | af854a3a-2127-422b-91ae-364da2661108 | www.kb.cert.org | Patch, Third Party Advisory, US Government Resource |
| US-CERT Technical Cyber Security Alert TA10-222A -- Microsoft Updates for Multiple Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.us-cert.gov | Third Party Advisory, US Government Resource |
| About Secunia Research | Flexera | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| Espionage Attack Uses LNK Shortcut Files - F-Secure Weblog : News from the Lab | af854a3a-2127-422b-91ae-364da2661108 | www.f-secure.com | Not Applicable |
| Vulnerability in Windows "LNK" files? | af854a3a-2127-422b-91ae-364da2661108 | isc.sans.edu | Exploit, Issue Tracking |
| Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Broken Link, Exploit, Third Party Advisory, VDB Entry |
| Experts Warn of New Windows Shortcut Flaw — Krebs on Security | af854a3a-2127-422b-91ae-364da2661108 | krebsonsecurity.com | Press/Media Coverage |
| Your request has been blocked. This could be due to several reasons. | af854a3a-2127-422b-91ae-364da2661108 | www.microsoft.com | Broken Link, Patch, Vendor Advisory |
| www.f-secure.com/weblog/archives/new_rootkit_en.pdf | af854a3a-2127-422b-91ae-364da2661108 | www.f-secure.com | Exploit |
| www.cisa.gov/known-exploited-vulnerabilities-catalog | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | www.cisa.gov | US Government Resource |
| SecurityTracker.com Archives - Microsoft Windows Shell LNK Shortcut Processing Flaw Lets Users Execute Arbitrary Code | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | Broken Link, Third Party Advisory, VDB Entry |
| The CPL Icon Loading Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.geoffchappell.com | Third Party Advisory |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | Broken Link |
| Microsoft Security Bulletin MS10-046 - Critical | Microsoft Docs | af854a3a-2127-422b-91ae-364da2661108 | docs.microsoft.com | Patch, Vendor Advisory |
| Preempting a Major Issue Due to the LNK Vulnerability - Raising Infocon to Yellow | af854a3a-2127-422b-91ae-364da2661108 | isc.sans.edu | Issue Tracking |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
| CISA Known Exploited Vulnerabilities catalog | CISA | www.cisa.gov | kev |
No vendor comments have been submitted for this CVE.
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| ADP | 2022-09-15T00:00:00.000Z | CVE-2010-2568 added to CISA KEV |
There are currently no legacy QID mappings associated with this CVE.