CVE-2022-30190βMicrosoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
PUBLISHEDvulnerability record
2022-06-14 Β· last modified June 21, 2025
Metadata
Vulnerability Name
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Description
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.
Known To Be Used in Ransomware Campaigns?
Action
Apply updates per vendor instructions.