Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2022-21127: Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2022-21127: Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update)

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
06/14/2022
Created
06/15/2022
Added
06/14/2022
Modified
09/06/2024

Description

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Solution(s)

  • microsoft-windows-windows_10-1507-kb5014710
  • microsoft-windows-windows_10-1607-kb5014702
  • microsoft-windows-windows_10-1809-kb5014692
  • microsoft-windows-windows_10-20h2-kb5014699
  • microsoft-windows-windows_10-21h1-kb5014699
  • microsoft-windows-windows_10-21h2-kb5014699
  • microsoft-windows-windows_11-21h2-kb5014697
  • microsoft-windows-windows_server_2012-kb5014741
  • microsoft-windows-windows_server_2012_r2-kb5014746
  • microsoft-windows-windows_server_2016-1607-kb5014702
  • microsoft-windows-windows_server_2019-1809-kb5014692
  • microsoft-windows-windows_server_2022-21h2-kb5014678
  • microsoft-windows-windows_server_2022-22h2-kb5014678
  • msft-kb5014699-268f7033-a18e-4add-88c6-c07a37cf3556
  • msft-kb5014741-1449e5bd-35d4-4939-b5e8-3c00ab8483e6
  • msft-kb5014741-8814e0f7-145f-4e2b-844f-8bbd0d99addf
  • msft-kb5014742-494d09f2-93b3-4bc3-8b23-6b3dfe3c706a
  • msft-kb5014742-56d11e9b-c79f-4426-83bd-d0a3c7400fe0
  • msft-kb5014742-9147b571-ceb3-4f3c-bf0a-028bca1faf4a
  • msft-kb5014742-e6678f12-df70-4474-9501-24b322bbc758
  • msft-kb5014742-fbc62ec9-aa61-406d-9d59-ebe8730a9de7
  • msft-kb5014743-2b1ef262-1615-4171-884d-bf50d957d951
  • msft-kb5014743-5d63ce8b-ca4c-4722-995d-69db0883b40d
  • msft-kb5014746-9dd857d9-c4df-499a-a7b5-6318ded5b09f
  • msft-kb5014746-c0f93fdb-0e3d-4874-9b0f-8e1f689c93bc

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;