QID 91921
Date Published: 2022-07-13
QID 91921: Microsoft Windows Network File System (NFS) Remote Code Execution (RCE) Vulnerability for July 2022
Microsoft Windows Network File System is vulnerable to Remote Code Execution Vulnerability.
This vulnerability is not exploitable in NFSV4.1
The KB Articles associated with the update are:
KB5015874
KB5015877
KB5015863
KB5015875
KB5015861
KB5015862
KB5015866
KB5015870
KB5015808
KB5015807
KB5015827
KB5015811
QID Detection Logic (Authenticated):
This QID checks for the file version of nfssvr.sys and checks if the mitigations have been applied.
This vulnerability could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE).
Workaround:
The following PowerShell command will disable the affected versions:
PS C:\Set-NfsServerConfiguration -EnableNFSV3 $false
- CVE-2022-22029 -
msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-22029
CVEs related to QID 91921
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| KB5015807 |
support.microsoft.com/en-in/help/5015807 |
||
| KB5015808 |
support.microsoft.com/en-in/help/5015808 |
||
| KB5015811 |
support.microsoft.com/en-in/help/5015811 |
||
| KB5015827 |
support.microsoft.com/en-in/help/5015827 |
||
| KB5015861 |
support.microsoft.com/en-in/help/5015861 |
||
| KB5015862 |
support.microsoft.com/en-in/help/5015862 |
||
| KB5015863 |
support.microsoft.com/en-in/help/5015863 |
||
| KB5015866 |
support.microsoft.com/en-in/help/5015866 |
||
| KB5015870 |
support.microsoft.com/en-in/help/5015870 |
||
| KB5015874 |
support.microsoft.com/en-in/help/5015874 |
||
| KB5015875 |
support.microsoft.com/en-in/help/5015875 |
||
| KB5015877 |
support.microsoft.com/en-in/help/5015877 |