CVE-2022-29144: 
vulnerability analysis and mitigation

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability was identified and tracked as CVE-2022-29144. The vulnerability was discovered and initially recorded on April 12, 2022, affecting Microsoft Edge Chromium versions up to (but not including) 100.0.1185.44 (NVD, CVE).

The vulnerability has received a CVSS v3.1 base score of 7.5 (HIGH) with the following vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability is network exploitable (AV:N) with high attack complexity (AC:H), requires no privileges (PR:N), needs user interaction (UI:R), has unchanged scope (S:U), and can result in high impacts to confidentiality, integrity, and availability (C:H/I:H/A:H) (NVD).

The vulnerability could potentially lead to elevation of privilege in Microsoft Edge Chromium-based browser. Given the CVSS scoring, successful exploitation could result in high impacts across confidentiality, integrity, and availability of the affected system (NVD).

Microsoft has released a security update to address this vulnerability. Users should upgrade to Microsoft Edge version 100.0.1185.44 or later to mitigate the risk (ManageEngine).