CVE-2022-41924

Published on: Not Yet Published

Last Modified on: 12/01/2022 03:45:00 PM UTC

CVE-2022-41924 - advisory for GHSA-vqp6-rc3h-83cp

Source: Mitre Source: NIST CVE.ORG Print: PDF PDF
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:H

Certain versions of Windows from Microsoft contain the following vulnerability:

A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon `tailscaled`, which can then be used to remotely execute code. In the Tailscale Windows client, the local API was bound to a local TCP socket, and communicated with the Windows client GUI in cleartext with no Host header verification. This allowed an attacker-controlled website visited by the node to rebind DNS to an attacker-controlled DNS server, and then make local API requests in the client, including changing the coordination server to an attacker-controlled coordination server. An attacker-controlled coordination server can send malicious URL responses to the client, including pushing executables or installing an SMB share. These allow the attacker to remotely execute code on the node. All Windows clients prior to version v.1.32.3 are affected. If you are running Tailscale on Windows, upgrade to v1.32.3 or later to remediate the issue.

  • CVE-2022-41924 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as CRITICAL severity.
  • Affected Vendor/Software: URL Logo tailscale - tailscale version < 1.32.3

CVSS3 Score: 9.6 - CRITICAL

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
CHANGED HIGH HIGH HIGH

CVE References

Description Tags Link
Security Bulletins · Tailscale tailscale.com
text/html
URL Logo MISC tailscale.com/security-bulletins/#ts-2022-004
CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You emily.id.au
text/html
URL Logo MISC emily.id.au/tailscale
Tailscale Windows daemon is vulnerable to RCE via CSRF · Advisory · tailscale/tailscale · GitHub github.com
text/html
URL Logo CONFIRM github.com/tailscale/tailscale/security/advisories/GHSA-vqp6-rc3h-83cp

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
MicrosoftWindows-AllAllAll
ApplicationTailscaleTailscaleAllAllAllAll
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*:
  • cpe:2.3:a:tailscale:tailscale:*:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @hn_frontpage CVE-2022-41924 – tailscaled can be used to remotely execute code L: tailscale.com/security-bulle… C: news.ycombinator.com/item?id=336958… 2022-11-21 18:23:53
Twitter Icon @radoncnotes CVE-2022-41924 – tailscaled can be used to remotely execute code ift.tt/mCVlSnM 3 2022-11-21 18:25:10
Twitter Icon @terrypferguson CVE-2022-41924 – tailscaled can be used to remotely execute code ift.tt/q2dHaRF 3 2022-11-21 18:28:20
Twitter Icon @knelsonvsi CVE-2022-41924 – tailscaled can be used to remotely execute code ift.tt/qxlwZ9M 3 2022-11-21 18:28:47
Twitter Icon @winsontang CVE-2022-41924 – tailscaled can be used to remotely execute code tailscale.com/security-bulle… 2022-11-21 18:29:03
Twitter Icon @HNTweets CVE-2022-41924 – tailscaled can be used to remotely execute code: tailscale.com/security-bulle… Comments: news.ycombinator.com/item?id=336958… 2022-11-21 18:30:02
Twitter Icon @HackerNewsTop10 CVE-2022-41924 – tailscaled can be used to remotely execute code Link: tailscale.com/security-bulle… Comments: news.ycombinator.com/item?id=336958… 2022-11-21 18:32:12
Twitter Icon @betterhn20 CVE-2022-41924 – tailscaled can be used to remotely execute code tailscale.com/security-bulle… (news.ycombinator.com/item?id=336958…) 2022-11-21 18:37:30
Twitter Icon @betterhn50 CVE-2022-41924 – tailscaled can be used to remotely execute code tailscale.com/security-bulle… (news.ycombinator.com/item?id=336958…) 2022-11-21 19:00:14
Twitter Icon @newsycombinator CVE-2022-41924 – tailscaled can be used to remotely execute code tailscale.com/security-bulle… 2022-11-21 19:00:29
Twitter Icon @newsvogueindia New top story on Hacker News: CVE-2022-41924 – tailscaled can be used to remotely execute code ift.tt/SeIDWo7 2022-11-21 19:00:41
Twitter Icon @hackernewsj CVE-2022-41924 – tailscaled を使用して、Windows でコードをリモートで実行できる tailscale.com/security-bulle… 2022-11-21 19:10:47
Twitter Icon @winsontang CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows emily.id.au/tailscale?utm_… 2022-11-21 19:15:33
Twitter Icon @HNTweets CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows: emily.id.au/tailscale Comments: news.ycombinator.com/item?id=336958… 2022-11-21 19:20:02
Twitter Icon @CommentsHn CVE-2022-41924 – tailscaled can be used to remotely execute code - tailscale.com/security-bulle… 84 points - 27 comments… twitter.com/i/web/status/1… 2022-11-21 19:21:04
Twitter Icon @top_hn_bot New top story! Poster: ghuntley Title: CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows… twitter.com/i/web/status/1… 2022-11-21 19:30:17
Twitter Icon @lobsters CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You lobste.rs/s/ypn8zp #security emily.id.au/tailscale 2022-11-21 19:45:09
Twitter Icon @newsycombinator CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows emily.id.au/tailscale 2022-11-21 20:01:13
Twitter Icon @ZeroGdoubleD CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You emily.id.au/tailscale 2022-11-21 20:05:01
Twitter Icon @CommentsHn CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows - emily.id.au/tailscale 209 points -… twitter.com/i/web/status/1… 2022-11-21 20:20:50
Twitter Icon @suitingtseng CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows news.ycombinator.com/item?id=336958… 2022-11-21 20:22:51
Twitter Icon @newsyc200 CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows emily.id.au/tailscale (news.ycombinator.com/item?id=336958…) 2022-11-21 20:34:04
Twitter Icon @newsyc250 CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows emily.id.au/tailscale (news.ycombinator.com/item?id=336958…) 2022-11-21 20:48:35
Twitter Icon @markcartertm ? CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You - The speed and quality of @Tailscale response to our… twitter.com/i/web/status/1… 2022-11-21 23:03:24
Twitter Icon @Komodosec #security CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You emily.id.au/tailscale?utm_… 2022-11-21 23:15:07
Twitter Icon @InfoSecSherpa CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You 25 min read Jamie McClymont & Emily Trau 2022-11-22 emily.id.au 2022-11-22 00:48:15
Twitter Icon @veritopa_media New best story on Hacker News: CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows ift.tt/mtp0Vza 2022-11-22 01:21:40
Twitter Icon @rakhisharma01 New best story on Hacker News: CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows… twitter.com/i/web/status/1… 2022-11-22 01:35:52
Twitter Icon @ali_is_digital New best story on [email protected]: CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows ift.tt/2gAfZrw 2022-11-22 01:46:09
Twitter Icon @rahul_bahuguna CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows ift.tt/s95OikM #technews #news 2022-11-22 01:47:15
Twitter Icon @BreakTheSec CVE-2022-41924: Tailscale - Remote code execution vulnerability emily.id.au/tailscale #infosec #vulnerability… twitter.com/i/web/status/1… 2022-11-22 02:05:13
Twitter Icon @DavidsonLuna CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows ift.tt/gIjhpSP #tech #technology #news via Hacker News 2022-11-22 02:08:29
Twitter Icon @AlikKarmokar New best story on Hacker News: CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows ift.tt/j68V4zY 2022-11-22 02:12:25
Twitter Icon @Tsuki_ CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You ift.tt/tN4q1lY 2022-11-22 02:13:27
Twitter Icon @newsycombinator CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows emily.id.au/tailscale 2022-11-22 03:00:28
Twitter Icon @Linda_pp Tailscale にリモートコード実行の脆弱性が出てる(CVE-2022-41924).昨日のリリースにアップデートが必要 emily.id.au/tailscale 2022-11-22 03:16:02
Twitter Icon @CommentsHn CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows - emily.id.au/tailscale 577 points -… twitter.com/i/web/status/1… 2022-11-22 03:20:51
Twitter Icon @ens7piper New best story on Hacker News: CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows bit.ly/3GAGExd 2022-11-22 04:00:00
Twitter Icon @Din3zh CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You - emily.id.au/tailscale #RCE #CVE 2022-11-22 04:20:20
Twitter Icon @kdmsnr CVE-2022-41924 – tailscaled を使用して、Windows でコードをリモートで実行できる via Hacker News ift.tt/1bYkmDn 2022-11-22 05:04:47
Twitter Icon @omiossec_med CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You emily.id.au/tailscale 2022-11-22 05:44:50
Twitter Icon @GavLaaaaaaaa CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You emily.id.au/tailscale #programming #softwareengineering… twitter.com/i/web/status/1… 2022-11-22 06:42:33
Twitter Icon @SproutCats CAT HACKER: CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows bit.ly/3V10N4e 2022-11-22 06:45:57
Twitter Icon @sharon_smith_1 CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows bit.ly/3V10N4e 2022-11-22 06:49:47
Twitter Icon @Cloud_Devops CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows emily.id.au/tailscale 2022-11-22 07:10:00
Twitter Icon @gaetanoz CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You emily.id.au/tailscale 2022-11-22 07:48:37
Twitter Icon @n0ipr0cs CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You emily.id.au/tailscale 2022-11-22 13:40:32
Twitter Icon @CVEtrends Top 3 trending CVEs on Twitter Past 24 hrs: CVE-2022-41924: 954.6K (audience size) CVE-2022-41040: 454.4K CVE-2022… twitter.com/i/web/status/1… 2022-11-22 14:00:04
Twitter Icon @Har_sia CVE-2022-41924 har-sia.info/CVE-2022-41924… #HarsiaInfo 2022-11-22 15:07:45
Twitter Icon @Har_sia CVE-2022-41924 har-sia.info/CVE-2022-41924… #HarsiaInfo 2022-11-22 18:23:34
Twitter Icon @GeekNewsBot CVE-2022-41924 - Tailscale 원격 코드 실행 취약점 패치 news.hada.io/topic?id=7877 - Tailscale은 자동 업데이트 되지 않으므로 수동 업데이트 해야함 - 웹… twitter.com/i/web/status/1… 2022-11-23 03:11:03
Twitter Icon @IT_CORD #GeekNews #긱뉴스 CVE-2022-41924 - Tailscale 원격 코드 실행 취약점 패치 news.hada.io/topic?id=7877   #IT #TECH #테크 #Trends #트렌드 2022-11-23 04:04:32
Twitter Icon @matsuu_zatsu CVE-2022-41924 – tailscaled can be used to remotely execute code tailscale.com/security-bulle… 2022-11-23 05:35:49
Twitter Icon @pinboard_pop CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You emily.id.au/tailscale 2022-11-23 08:00:05
Twitter Icon @ChrisShort Suggested Read: CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You emily.id.au/tailscale 2022-11-23 13:47:01
Reddit Logo Icon /r/cybersecurity CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You 2022-11-21 18:32:38
Reddit Logo Icon /r/programming CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You 2022-11-21 18:29:27
Reddit Logo Icon /r/Tailscale CVE-2022-41924 - Tailscale, DNS Rebinding, and You 2022-11-21 18:27:10
Reddit Logo Icon /r/hypeurls CVE-2022-41924 – tailscaled can be used to remotely execute code 2022-11-21 19:06:34
Reddit Logo Icon /r/patient_hackernews CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows 2022-11-21 20:46:30
Reddit Logo Icon /r/devopsish CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You 2022-11-21 20:34:24
Reddit Logo Icon /r/fastvoted Hacker News: CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows | 165 points in 2 hours 2022-11-21 20:02:07
Reddit Logo Icon /r/hackernews CVE-2022-41924 – tailscaled can be used to remotely execute code on Windows 2022-11-21 20:00:03
Reddit Logo Icon /r/netcve CVE-2022-41924 2022-11-23 19:38:13
© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report