CVE-2022-45141

Published Mar 6, 2023

Last updated a year ago

CVSS critical 9.8
Smb

Overview

Description
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
Source
secalert@redhat.com
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

secalert@redhat.com
CWE-328
nvd@nist.gov
CWE-326
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-326

Social media

Hype score
Not currently trending

Configurations

Related CVEs

  1. Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.CVE-2026-26128
  2. Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.CVE-2026-24294
  3. In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() On kthread_run() failure in ksmbd_tcp_new_connection(), the transport is freed via free_transport(), which does not decrement active_num_conn, leaking this counter. Replace free_transport() with ksmbd_tcp_disconnect().CVE-2026-23228
  4. Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.CVE-2026-20934
  5. Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.CVE-2026-20926

References

Sources include official advisories and independent security research.