Microsoft Windows Network Policy Server (NPS) RADIUS Protocol information disclosure [CVE-2022-41097]
CVE number = CVE-2022-41097
Microsoft Windows could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the Network Policy Server (NPS) RADIUS Protocol component.
By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information from memory in the process heap and use this information to launch further attacks against the affected system.
Further information and affected versions see – https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41097
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.