Kaspersky Threats

Detect date

?

06/14/2022

Severity

?

High

Description

A remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code.

Affected products

Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR)
Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU 4)
Microsoft SQL Server 2017 for x64-based Systems (GDR)
Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU 4)
Microsoft SQL Server 2019 for x64-based Systems (GDR)
Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR)
Microsoft SQL Server 2019 for x64-based Systems (CU 16)
Microsoft SQL Server 2017 for x64-based Systems (CU 29)
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (CU 17)
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR)
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connectivity Pack
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR)

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2022-29143

Impacts

?

ACE

[?]

Detect date ?	06/14/2022
Severity ?	High
Description	A remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code.
Affected products	Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR) Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU 4) Microsoft SQL Server 2017 for x64-based Systems (GDR) Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU 4) Microsoft SQL Server 2019 for x64-based Systems (GDR) Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR) Microsoft SQL Server 2019 for x64-based Systems (CU 16) Microsoft SQL Server 2017 for x64-based Systems (CU 29) Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (CU 17) Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connectivity Pack Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR)
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2022-29143
Impacts ?	ACE [?]
Related products	Microsoft SQL Server Microsoft Azure
KB list	5014354 5014353 5015371 5014553 5014355 5014351 5014165 5014164 5014365 5014356
Microsoft official advisories	Microsoft Security Update Guide
	Find out the statistics of the vulnerabilities spreading in your region

KLA12562RCE vulnerability in Microsoft SQL Server

KLA12562
RCE vulnerability in Microsoft SQL Server