CVE-2022-42948
Severity: CRITICAL | CISA KEV | CVSS 9.8
Description
Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI.
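The root cause described above is a general Swing behaviour: JLabel, JButton and similar text components treat any string that begins with `<html>` as markup and build an HTML renderer for it, so untrusted text placed into them verbatim is parsed rather than displayed. The snippet below is an added illustration written for this page, not code from Cobalt Strike or Fortra; the `UNTRUSTED` sample string is constructed, and the class and method names are hypothetical. It contrasts the vulnerable pattern with two hardening steps (escaping the output and setting the `html.disable` client property that `BasicHTML` honours) and uses `BasicHTML.propertyKey` to check whether Swing actually attached an HTML view.

```java
import javax.swing.JLabel;
import javax.swing.plaf.basic.BasicHTML;

public class SwingHtmlEscapeDemo {

    // Constructed sample of attacker-controlled text (e.g. a hostname or note
    // reported back by a compromised host). Because it begins with "<html>",
    // Swing text components will parse it as markup.
    static final String UNTRUSTED =
            "<html><b>WORKSTATION-01</b><font color=\"red\">pwned</font>";

    /** Vulnerable pattern: untrusted text goes into a Swing component unmodified. */
    static JLabel vulnerableLabel(String untrusted) {
        // JLabel installs an HTML View when the text starts with <html>.
        return new JLabel(untrusted);
    }

    /** Minimal HTML escape for text that should be displayed, never parsed. */
    static String escapeHtml(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /** Hardened pattern: disable HTML interpretation on the component and escape anyway. */
    static JLabel hardenedLabel(String untrusted) {
        JLabel label = new JLabel();
        // BasicHTML.updateRenderer skips HTML parsing when this property is TRUE.
        label.putClientProperty("html.disable", Boolean.TRUE);
        // Defence in depth: escaped text no longer starts with <html> either.
        label.setText(escapeHtml(untrusted));
        return label;
    }

    /** True if Swing attached an HTML renderer (client property "html") to the label. */
    static boolean rendersAsHtml(JLabel label) {
        return label.getClientProperty(BasicHTML.propertyKey) != null;
    }

    public static void main(String[] args) {
        System.setProperty("java.awt.headless", "true");
        System.out.println("isHTMLString(UNTRUSTED): " + BasicHTML.isHTMLString(UNTRUSTED));
        System.out.println("vulnerable renders HTML: " + rendersAsHtml(vulnerableLabel(UNTRUSTED)));
        System.out.println("hardened renders HTML:   " + rendersAsHtml(hardenedLabel(UNTRUSTED)));
    }
}
```

Run it headless with `java SwingHtmlEscapeDemo.java`; the vulnerable label reports an HTML view while the hardened one does not. Setting `html.disable` is the decisive control, since escaping alone still leaves other HTML-aware components (tooltips, table cell renderers, tree renderers) that receive the same data; audit every place untrusted strings reach `setText`, `setToolTipText` or a renderer.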
CVE details
CVSS v3.1 score: 9.8
Severity: CRITICAL
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack vector: NETWORK
Complexity: LOW
Privileges required: NONE
User interaction: NONE
Published: 2023-03-24
Last modified: 2025-11-03
Source: kev
Honeypot observations: 0
CISA KEV
Vendor: Fortra
Product: Cobalt Strike
Vulnerability name: Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability
Date added to KEV: 2023-03-30
Remediation deadline: 2023-04-20
Known ransomware campaign use: Unknown
Affected products
helpsystems:cobalt_strike
Weaknesses (CWE)
CWE-116 (Improper Encoding or Escaping of Output)
References
https://thesecmaster.com/how-to-fix-cve-2022-42948-a-critical-rce-vulnerability-in-cobalt-strike/ (sources: cve@mitre.org, af854a3a-2127-422b-91ae-364da2661108)
https://www.cobaltstrike.com/blog/ (sources: cve@mitre.org, af854a3a-2127-422b-91ae-364da2661108)
https://www.redpacketsecurity.com/helpsystems-cobalt-strike-code-execution-cve-2022-42948/ (sources: cve@mitre.org, af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-42948 (source: 134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.