Security Alert Report: CVE-2022-47966

Man looking at screen.

Man looking at screen.

Warning: A new vulnerability (CVE-2022-47966) can allow attackers to gain high, system-level access without authentication.

CVE-2022-47966 represents a significant enterprise threat by impacting products like ServiceDesk Plus, Active Directory 360, and more. The vulnerability is now publicly available and allows attackers to access a system via remote code execution and gain control without the need for authentication.

Experts report that the vulnerability is alarmingly simple for attackers to exploit, especially for use in “spray and pay” assaults. It is suspected that the vulnerability stems from susceptible, third-party dependencies and breaches are being detected for those who haven’t patched affected products. By gaining full control of a system, attackers can threaten all credentials stored in an application or dump them by utilizing Local Security Authority Server Service (LSSASS). Additionally, the vulnerability allows attackers easy access to customer environments.

Fortunately, Milestone has a solution to help organizations better protect themselves from vulnerability threats. With ActivateVR, customers can successfully prioritize and remediate critical vulnerabilities quickly and effectively.

Contact us today to learn more about how ActivateVR can be a vital asset in protecting your operations.


Select a Child Category
Recent Posts
Social Links

Related Posts

Want to Learn More?

Milestone experts take the time to listen, understand your needs, and provide the right mix of tools, technology, and resources to help you meet your goals.

Request a complimentary consultation to get started.

Request a Complimentary Consultation

Skip to content