According to an alert released by CISA (U.S. Cybersecurity and Infrastructure Security Agency), federal agencies should immediately address CVE-2022-21882, a Win32k Elevation of Privilege vulnerability.
CVE-2022-21882 Elevation of Privilege Windows Vulnerability
The Windows flaw could be exploited by threat actors to gain elevated permissions on vulnerable systems. CISA says that Federal Civilian Executive Branch agencies should patch all exposed systems by February 18, 2022. CVE-2022-21882 has also been added to the Known Exploited Vulnerabilities Catalog.
According to the alert, CISA has added the flaw “based on evidence that threat actors are actively exploiting the vulnerabilities” listed in the above-mentioned catalog. “These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise,” the agency added.
What is an elevation of privilege attack?
An elevation-of-privilege condition, also known as privilege escalation, takes place when an application gains rights or privileges that should not be available to it. It can be understood as the act of exploiting a bug, a design flaw, or a configuration oversight in an operating system or software application in order to gain elevated access to resources that would normally be unreachable.
As a result, an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions, as per Wikipedia’s description.
Another example of an EoP flaw is CVE-2021-41379.