CVE-2022-21900: 
vulnerability analysis and mitigation

CVE-2022-21900 is a Windows Hyper-V Security Feature Bypass Vulnerability that was discovered and assigned on December 14, 2021, and publicly disclosed on January 11, 2022. This vulnerability affects various versions of Microsoft Windows and Windows Server systems running Hyper-V services. The vulnerability is distinct from CVE-2022-21905, another Hyper-V-related security issue (Rapid7, CVE).

The vulnerability has been assigned a CVSS score of 4.0 (AV:A/AC:M/Au:S/C:N/I:P/A:P), indicating moderate severity. The attack vector is adjacent network (AV:A), requires medium attack complexity (AC:M), and single authentication (Au:S). The impact metrics show no impact on confidentiality (C:N), but partial impacts on integrity and availability (I:P, A:P) (Rapid7).

The vulnerability could allow an attacker to bypass security features in Windows Hyper-V, potentially compromising the integrity and availability of affected systems. However, the impact is somewhat limited as indicated by the partial impact scores for integrity and availability, with no direct impact on confidentiality (Rapid7).

Microsoft has released security updates to address this vulnerability across multiple Windows versions including Windows 10 (versions 1507, 1607, 1809, 1909, 21H1, 21H2), Windows 11 21H2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, and Windows Server 2022. These updates are available through various KB articles including KB5009543, KB5009546, KB5009557, KB5009545, KB5009566, KB5009619, and KB5009595 (Rapid7).