Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2022-40733

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service.

Published: Dec 18, 2024
Updated: Nov 16, 2025
CVE: CVE-2022-40733
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5
AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
microsoft / windows_11_21h2	10.0.22000.593	10.0.22000.593.x
microsoft / windows_server_2022	10.0.20348.643	10.0.20348.643.x

https://talosintelligence.com/vulnerability_reports/TALOS-2022-1515

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo