An Analysis of Remote Code Execution Vulnerability CVE-2022–34718
TCP/IP Vulnerability CVE-2022–34718 PoC Restoration and Analysis
TCP/IP Protocol Remote Code Execution Vulnerability CVE-2022–34718
Background and Preparation
The patch released by Microsoft last month contained a vulnerability in the TCP/IP protocol that allowed for code execution. To ascertain the impact of the vulnerability, Numen’s security research team conducted an in-depth analysis of the vulnerability and restored the PoC through patch comparison.
This article will detail how we restored the PoC, as well as the details of the vulnerability. Numen will continue to output high-quality security research articles and results, provide high-quality research results for Web3 security and other fields of network security, and help safeguard the healthy development of network security.
Technical references: Familiarity with these packet structures related to IPv6 and IPSec ESP protocols would aid in understanding this analysis: