CVE-2022-22047

ENISA EUVD: EUVD-2022-27201 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 5 articles Published: 2022-07-12

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

1.2%

probability

This CVE has a 1.2% probability of being exploited in the next 30 days.

0% Top 79.1th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

7.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Unproven

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CVSS v2 (legacy)

7.2

HIGH

Access Vector

Local

Access Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Description

NVD

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

Affected Products

Microsoft

Windows 10 Version 1809

10.0.17763.0

Microsoft

Windows 10 Version 1809

10.0.0

Microsoft

Windows Server 2019

10.0.17763.0

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0

Microsoft

Windows 10 Version 21H1

10.0.0

microsoft

windows 10 1507

microsoft

windows 10 1607

microsoft

windows 10 1809

microsoft

windows 10 20h2

microsoft

windows 10 21h1

Microsoft

Windows Server 2012 R2 (Server Core installation)

6.3.9600.0 <6.3.9600.20478

Microsoft

Windows 10 Version 1809

10.0.17763.0 <10.0.17763.3165

Microsoft

Windows 8.1

6.3.0 <6.3.9600.20478

Microsoft

Windows 10 Version 20H2

10.0.0 <10.0.19042.1826

Microsoft

Windows 7

6.1.0 <6.1.7601.26022

Microsoft

Windows 10 Version 1507

10.0.10240.0 <10.0.10240.19360

Microsoft

Windows Server 2008 Service Pack 2 (Server Core installation)

6.0.6003.0 <6.0.6003.21569

Microsoft

Windows 10 Version 1607

10.0.14393.0 <10.0.14393.5246

Microsoft

Windows 10 Version 21H2

10.0.19043.0 <10.0.19044.1826

Microsoft

Windows Server 2012

6.2.9200.0 <6.2.9200.23771

Microsoft

Windows Server version 20H2

10.0.0 <10.0.19042.1826

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0 <10.0.17763.3165

Microsoft

Windows Server 2016 (Server Core installation)

10.0.14393.0 <10.0.14393.5246

Microsoft

Windows 7 Service Pack 1

6.1.0 <6.1.7601.26022

Microsoft

Windows Server 2012 (Server Core installation)

6.2.9200.0 <6.2.9200.23771

Microsoft

Windows Server 2019

10.0.17763.0 <10.0.17763.3165

Microsoft

Windows Server 2008 R2 Service Pack 1 (Server Core installation)

6.1.7601.0 <6.1.7601.26022

Microsoft

Windows 10 Version 1809

10.0.0 <10.0.17763.3165

Microsoft

Windows Server 2012 R2

6.3.9600.0 <6.3.9600.20478

Microsoft

Windows 11 version 21H2

10.0.0 <10.0.22000.795

Microsoft

Windows Server 2008 Service Pack 2

6.0.6003.0 <6.0.6003.21569

Microsoft

Windows Server 2022

10.0.20348.0 <10.0.20348.825

Microsoft

Windows 10 Version 21H1

10.0.0 <10.0.19043.1826

Microsoft

Windows Server 2008 Service Pack 2

6.0.6003.0 <6.0.6003.21569

Microsoft

Windows Server 2008 R2 Service Pack 1

6.1.7601.0 <6.1.7601.26022

Microsoft

Windows Server 2016

10.0.14393.0 <10.0.14393.5246

Attack Intelligence

CWE-426 · Untrusted Search Path CWE-642 · External Control of Critical State Data CWE-664 · Improper Control of a Resource Through its Lifetime CWE-668 · Exposure of Resource to Wrong Sphere CWE-673

Google Project Zero

Patched

July 12, 2022

Reported by

Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC)

Root Cause Analysis

???

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047

vendor-advisory

Signal Intelligence

Confidenceⓘ

78%

EPSS 1.2%

CVSS v3.1 7.8

Mentions 5

Last Seen Sep 01, 2022

CNA Information

CNA Assigner

microsoft

CNA Title

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

Analyst Note

CVE-2022-22047 is a HIGH severity elevation of privilege vulnerability in Windows CSRSS with confirmation from Google Project Zero and CERT-EU security advisory coverage, supporting the CONFIRMED status. However, the absence from CISA KEV catalog and limited article coverage (only 1 source) prevents a higher confidence score, though the technical evidence from authoritative sources substantiates the vulnerability's authenticity.

Triage Info

Decided atMar 03, 2026

Published DateJul 12, 2022