CVE Series: Follina (CVE-2022-30190)

The Follina exploit (CVE-2022-30190) is a Windows Remote Code Execution (RCE) vulnerability that could allow a threat actor to acquire an initial level of access after a successful phishing attack. Take our course to gain the skills you need to identify the vulnerability, detect it, and mitigate it (with current best knowledge).

Time

1 hour 50 minutes

Difficulty

Intermediate

NEED TO TRAIN YOUR TEAM? LEARN MORE

Join over 3 million cybersecurity professionals advancing their career

Required fields are marked with an *

View all SSO options

Already have an account? Sign In »

Course Content

Module 1: Exploitation

Introduction and Background

10m

Identifying the Vulnerability

Exploiting CVE-2022-30190 (Lab)

45m

Application of Use for Penetration Testers and Red Teamers

Module 2: Detection and Remediation

2.1Root Cause and Detection

10m

2.2Remediating CVE-2022-30190 (Lab)

35m

Course Description

Who should take this course?

This course is for seasoned offensive security professionals, SOC analysts, and Windows system administrators who want to know how to exploit and protect against the latest vulnerabilities impacting enterprise systems.

What are the prerequisites for this course?

You should have functional knowledge of Windows as an operating system, unique URI schemes, and scripting languages like powershell.

Why should I take this course?

Microsoft released a security bulletin defining the Follina vulnerability on May 30th, 2022, with a base CVSS score of 7.8. This vulnerability is rated as “High” due to the ability of attackers to execute remote code on a system, install programs, modify data, or create new accounts in the context allowed by the user’s rights. This variation has made the attack very enticing for Advanced Persistent Threat actors (APTs) and cyber criminal organizations because detections are more immature and thus the potential for impacting organizations more easily is greater.

What makes this course different from other courses on similar topics?

By the end of this course, you should be able to:

Explain what the “Follina Exploit” is and which CVE is associated with the vulnerability.
Describe the root cause of the vulnerability.
Perform exploitation of the vulnerability with publicly available exploit code.
Identify how to detect the vulnerability as well as mitigate it.

Your instructor, Matt Mullins, is a seasoned professional in offensive security with over a decade of experience where he has worked in medical, financial, and government spaces. Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security.

Why should I take this course on Cybrary and not somewhere else?

Our Follina vulnerability (CVE-2022-30190)course enables you to learn from the foremost experts in the field and ensures your readiness to recognize and mitigate this CVE. Defenders will know how to protect their organization against this vulnerability. Offensive teams will be able to exploit this vulnerability. Our on-demand format affords you the flexibility to learn at your own pace.

Instructed By

Matthew Mullins

Security Researcher - Adversary Emulation

Master Instructor

Provider

Certificate of Completion

Complete this entire course to earn a CVE Series: Follina (CVE-2022-30190) Certificate of Completion

WorkRole

Exploitation Analyst

Cyber Defense Analyst

Skillset

Microsoft

Attack and Exploitation

Threats, Attacks, And Vulnerabilities