Microsoft Patch Tuesday, March 2021

Basic Vulnerability Scores Statistics

Vulristics Vulnerability Scores

Urgent (0)

Critical (0)

High (36)

1. Elevation of Privilege - Windows Container Execution Agent (CVE-2021-26891) - High [577]
Description: Windows Container Execution Agent Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26865.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 1.0 | 17 | Public exploit is found at Vulners (Microsoft Windows Containers Privilege Escalation) |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Container Execution Agent |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

2. Memory Corruption - Internet Explorer (CVE-2021-26411) - High [572]
Description: Internet Explorer Memory Corruption Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 1.0 | 18 | Exploitation in the wild is mentioned at Vulners (AttackerKB object), AttackerKB |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption |
| Vulnerable Product is Common | 0.6 | 14 | MS Internet Browser |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on NVD data |

qualys: Microsoft released patches addressing another 0-day vulnerability (CVE-2021-26411). This is a memory corruption vulnerability in Internet Explorer. This CVE already has a working exploit and is assigned a CVSSv3 base score of 8.8 by the vendor.

tenable: CVE-2021-26411 is a memory corruption vulnerability in Internet Explorer that was exploited in the wild as a zero-day. In order to exploit the flaw, an attacker would need to host the exploit code on a malicious website and convince a user through social engineering tactics to visit the page, or the attacker could inject the malicious payload into a legitimate website.

rapid7: Since going end-of-life in November 2020, we haven't seen any Internet Explorer patches from Microsoft. However, this month Microsoft has made two new updates available: CVE-2021-27085 and CVE-2021-26411. CVE-2021-26411 has been exploited in the wild, so don't delay applying patches if IE is still in your environment.

zdi: CVE-2021-26411 – Internet Explorer Memory Corruption Vulnerability. This patch corrects a bug in Internet Explorer (IE) and Edge (EdgeHTML-based) that could allow an attacker to run their code on affected systems if they view a specially crafted HTML file. Microsoft lists this as both publicly known and under active attack at the time of release. While not as impactful as the Exchange bugs, enterprises that rely on Microsoft browsers should definitely roll this out quickly. Successful exploitation would yield code execution at the level of the logged-on user, which is another reminder not to browse web pages using an account with Administrative privileges.

3. Remote Code Execution - Windows DNS Server (CVE-2021-26877) - High [494]
Description: Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.9 | 14 | Windows DNS Server |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data |

tenable: CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895 and CVE-2021-26897 are RCE vulnerabilities found in Windows Domain Name System (DNS) servers. All five of these CVEs were assigned 9.8 CVSSv3 scores and can be exploited by an unauthenticated attacker when dynamic updates are enabled. According to an analysis by researchers at McAfee, these CVEs are not considered “wormable,” yet they do evoke memories of CVE-2020-1350 (SIGRed), a 17-year-old wormable flaw patched in July 2020.

rapid7: (CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, and CVE-2021-26897). Remote Code Execution in Hyper-V (CVE-2021-26867) enabling virtual machine escape (CVSSv3 9.9). Browser Vulnerabilities

4. Remote Code Execution - Windows DNS Server (CVE-2021-26893) - High [494]
Description: Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26877, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.9 | 14 | Windows DNS Server |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data |

tenable: CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895 and CVE-2021-26897 are RCE vulnerabilities found in Windows Domain Name System (DNS) servers. All five of these CVEs were assigned 9.8 CVSSv3 scores and can be exploited by an unauthenticated attacker when dynamic updates are enabled. According to an analysis by researchers at McAfee, these CVEs are not considered “wormable,” yet they do evoke memories of CVE-2020-1350 (SIGRed), a 17-year-old wormable flaw patched in July 2020.

rapid7: (CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, and CVE-2021-26897). Remote Code Execution in Hyper-V (CVE-2021-26867) enabling virtual machine escape (CVSSv3 9.9). Browser Vulnerabilities

5. Remote Code Execution - Windows DNS Server (CVE-2021-26894) - High [494]
Description: Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26895, CVE-2021-26897.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.9 | 14 | Windows DNS Server |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data |

tenable: CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895 and CVE-2021-26897 are RCE vulnerabilities found in Windows Domain Name System (DNS) servers. All five of these CVEs were assigned 9.8 CVSSv3 scores and can be exploited by an unauthenticated attacker when dynamic updates are enabled. According to an analysis by researchers at McAfee, these CVEs are not considered “wormable,” yet they do evoke memories of CVE-2020-1350 (SIGRed), a 17-year-old wormable flaw patched in July 2020.

rapid7: (CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, and CVE-2021-26897). Remote Code Execution in Hyper-V (CVE-2021-26867) enabling virtual machine escape (CVSSv3 9.9). Browser Vulnerabilities

6. Remote Code Execution - Windows DNS Server (CVE-2021-26895) - High [494]
Description: Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26897.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.9 | 14 | Windows DNS Server |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data |

tenable: CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895 and CVE-2021-26897 are RCE vulnerabilities found in Windows Domain Name System (DNS) servers. All five of these CVEs were assigned 9.8 CVSSv3 scores and can be exploited by an unauthenticated attacker when dynamic updates are enabled. According to an analysis by researchers at McAfee, these CVEs are not considered “wormable,” yet they do evoke memories of CVE-2020-1350 (SIGRed), a 17-year-old wormable flaw patched in July 2020.

rapid7: (CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, and CVE-2021-26897). Remote Code Execution in Hyper-V (CVE-2021-26867) enabling virtual machine escape (CVSSv3 9.9). Browser Vulnerabilities

7. Remote Code Execution - Windows DNS Server (CVE-2021-26897) - High [494]
Description: Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.9 | 14 | Windows DNS Server |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data |

qualys: Microsoft released patches to fix a RCE vulnerability in Windows DNS Server (CVE-2021-26897). This vulnerability has a CVSSv3 base score of 9.8 and should be prioritized for patching.

tenable: CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895 and CVE-2021-26897 are RCE vulnerabilities found in Windows Domain Name System (DNS) servers. All five of these CVEs were assigned 9.8 CVSSv3 scores and can be exploited by an unauthenticated attacker when dynamic updates are enabled. According to an analysis by researchers at McAfee, these CVEs are not considered “wormable,” yet they do evoke memories of CVE-2020-1350 (SIGRed), a 17-year-old wormable flaw patched in July 2020.

rapid7: (CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, and CVE-2021-26897). Remote Code Execution in Hyper-V (CVE-2021-26867) enabling virtual machine escape (CVSSv3 9.9). Browser Vulnerabilities

zdi: CVE-2021-26897 – Windows DNS Server Remote Code Execution Vulnerability. This is the second straight month with a DNS server RCE vulnerability, and this month’s bug has company. A total of 5 bugs are listed as DNS Server Remote Code Execution Vulnerabilities, but this CVE is the only one listed as Critical. All note that Secure Zone Updates lessen the likelihood of successful exploitation but are not a full mitigation. This implies dynamic updates may be involved in the exploitation of these bugs. All five of these bugs are listed as a CVSS 9.8, and there is the outside chance this could be wormable between DNS servers. Definitely prioritize the testing and deployment of these updates.

8. Remote Code Execution - Microsoft Windows (CVE-2021-26881) - High [481]
Description: Microsoft Windows Media Foundation Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.9 | 14 | Windows Kernel |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |

9. Remote Code Execution - OpenType Font Parsing (CVE-2021-26876) - High [462]
Description: OpenType Font Parsing Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.8 | 14 | OpenType Font Parsing |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |

10. Remote Code Execution - Windows Graphics Component (CVE-2021-26861) - High [448]
Description: Windows Graphics Component Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.8 | 14 | Windows Graphics Component |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

11. Remote Code Execution - Application Virtualization (CVE-2021-26890) - High [448]
Description: Application Virtualization Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.8 | 14 | Application Virtualization |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

12. Remote Code Execution - HEVC Video Extensions (CVE-2021-24089) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24110, CVE-2021-26902, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

13. Remote Code Execution - HEVC Video Extensions (CVE-2021-24110) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24089, CVE-2021-26902, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

14. Remote Code Execution - HEVC Video Extensions (CVE-2021-26902) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

15. Remote Code Execution - HEVC Video Extensions (CVE-2021-27047) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-26902, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

16. Remote Code Execution - HEVC Video Extensions (CVE-2021-27048) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-26902, CVE-2021-27047, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

17. Remote Code Execution - HEVC Video Extensions (CVE-2021-27049) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-26902, CVE-2021-27047, CVE-2021-27048, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

18. Remote Code Execution - HEVC Video Extensions (CVE-2021-27050) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-26902, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

19. Remote Code Execution - HEVC Video Extensions (CVE-2021-27051) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-26902, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27061, CVE-2021-27062.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

20. Remote Code Execution - HEVC Video Extensions (CVE-2021-27061) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-26902, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27062.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

21. Remote Code Execution - HEVC Video Extensions (CVE-2021-27062) - High [429]
Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-26902, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | HEVC Video Extensions |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

22. Remote Code Execution - Windows Hyper-V (CVE-2021-26867) - High [424]
Description: Windows Hyper-V Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Windows Hyper-V |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |

qualys: Microsoft released patches to fix a RCE vulnerability in Windows Hyper-V (CVE-2021-26867). This vulnerability has a CVSSv3 base score of 9.9 and should be prioritized for patching.

tenable: CVE-2021-26867 is an RCE vulnerability affecting Hyper-V clients that have been configured to utilize the Plan 9 file system (9P). Successful exploitation could allow an authenticated attacker to execute code on a Hyper-V server. Despite Microsoft rating this vulnerability as “Exploitation Less Likely,” the CVSSv3 score assigned to this flaw is a 9.9 out of 10.0. However, it is important to note that Hyper-V clients not utilizing 9P are not affected by this vulnerability.

rapid7: (CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, and CVE-2021-26897). Remote Code Execution in Hyper-V (CVE-2021-26867) enabling virtual machine escape (CVSSv3 9.9). Browser Vulnerabilities

zdi: CVE-2021-26867 – Windows Hyper-V Remote Code Execution Vulnerability. This bug could allow an authenticated attacker to execute code on the underlying Hyper-V server. While listed as a CVSS of 9.9, the vulnerability is really only relevant to those using the Plan-9 file system. Microsoft does not list other Hyper-V clients as impacted by this bug, but if you are using Plan-9, definitely roll this patch out as soon as possible.

23. Remote Code Execution - Office (CVE-2021-24108) - High [410]
Description: Microsoft Office Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-27057, CVE-2021-27059.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | MS Office product |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

24. Remote Code Execution - Microsoft Excel (CVE-2021-27053) - High [410]
Description: Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-27054.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | MS Office product |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

25. Remote Code Execution - Microsoft Excel (CVE-2021-27054) - High [410]
Description: Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-27053.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | MS Office product |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

26. Remote Code Execution - Microsoft PowerPoint (CVE-2021-27056) - High [410]
Description: Microsoft PowerPoint Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Microsoft PowerPoint |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

27. Remote Code Execution - Office (CVE-2021-27057) - High [410]
Description: Microsoft Office Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24108, CVE-2021-27059.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | MS Office product |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

28. Remote Code Execution - Office (CVE-2021-27058) - High [410]
Description: Microsoft Office ClickToRun Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | MS Office product |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

29. Remote Code Execution - Visual Studio Code ESLint Extension (CVE-2021-27081) - High [410]
Description: Visual Studio Code ESLint Extension Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Visual Studio Code ESLint Extension |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

30. Remote Code Execution - Visual Studio Code Java Extension Pack (CVE-2021-27084) - High [410]
Description: Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Visual Studio Code Java Extension Pack |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

31. Remote Code Execution - Internet Explorer (CVE-2021-27085) - High [410]
Description: Internet Explorer Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | MS Internet Browser |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on NVD data |

rapid7: Since going end-of-life in November 2020, we haven't seen any Internet Explorer patches from Microsoft. However, this month Microsoft has made two new updates available: CVE-2021-27085 and CVE-2021-26411. CVE-2021-26411 has been exploited in the wild, so don't delay applying patches if IE is still in your environment.

32. Denial of Service - Windows NAT (CVE-2021-26879) - High [406]
Description: Windows NAT Denial of Service Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.7 | 15 | Denial of Service |
| Vulnerable Product is Common | 0.9 | 14 | Windows NAT |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on NVD data |

33. Denial of Service - Windows DNS Server (CVE-2021-26896) - High [406]
Description: Windows DNS Server Denial of Service Vulnerability. This CVE ID is unique from CVE-2021-27063.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.7 | 15 | Denial of Service |
| Vulnerable Product is Common | 0.9 | 14 | Windows DNS Server |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on NVD data |

tenable: CVE-2021-26896 and CVE-2021-27063 are denial of service (DoS) vulnerabilities in Windows DNS servers, both receiving a CVSSv3 score of 7.5, and highlighted by Microsoft’s Exploitability Index as “Exploitation Less Likely.” Successful exploitation would result in an exhaustion of resources on the targeted server, causing it to become unresponsive. Exploitation of DNS DoS vulnerabilities usually requires sending a crafted DNS query to a vulnerable server.

34. Denial of Service - Windows DNS Server (CVE-2021-27063) - High [406]
Description: Windows DNS Server Denial of Service Vulnerability. This CVE ID is unique from CVE-2021-26896.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.7 | 15 | Denial of Service |
| Vulnerable Product is Common | 0.9 | 14 | Windows DNS Server |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on NVD data |

tenable: CVE-2021-26896 and CVE-2021-27063 are denial of service (DoS) vulnerabilities in Windows DNS servers, both receiving a CVSSv3 score of 7.5, and highlighted by Microsoft’s Exploitability Index as “Exploitation Less Likely.” Successful exploitation would result in an exhaustion of resources on the targeted server, causing it to become unresponsive. Exploitation of DNS DoS vulnerabilities usually requires sending a crafted DNS query to a vulnerable server.

35. Remote Code Execution - Microsoft SharePoint (CVE-2021-27076) - High [405]
Description: Microsoft SharePoint Server Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.5 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |

zdi: CVE-2021-27076 – Microsoft SharePoint Server Remote Code Execution Vulnerability. This patch fixes a code execution bug originally submitted through the ZDI program. For an attack to succeed, the attacker must be able to create or modify Sites with the SharePoint server. However, the default configuration of SharePoint allows authenticated users to create sites. When they do, the user will be the owner of this site and will have all the necessary permissions. This is similar to some other SharePoint bugs we have blogged about in the past, and we’ll have additional details about this vulnerability on our blog in the near future.

36. Security Feature Bypass - Windows Extensible Firmware Interface (CVE-2021-26892) - High [401]
Description: Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass |
| Vulnerable Product is Common | 0.8 | 14 | Windows Extensible Firmware Interface |
| CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on NVD data |

Medium (46)

37. Remote Code Execution - Office (CVE-2021-27059) - Medium [397]
Description: Microsoft Office Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24108, CVE-2021-27057.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | MS Office product |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.8. Based on NVD data |

38. Remote Code Execution - Visual Studio (CVE-2021-27060) - Medium [391]
Description: Visual Studio Code Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.5 | 14 | Visual Studio |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

39. Remote Code Execution - Visual Studio (CVE-2021-27082) - Medium [391]
Description: Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.5 | 14 | Visual Studio |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

40. Remote Code Execution - Visual Studio (CVE-2021-27083) - Medium [391]
Description: Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.5 | 14 | Visual Studio |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

41. Security Feature Bypass - Microsoft Visio (CVE-2021-27055) - Medium [390]
Description: Microsoft Visio Security Feature Bypass Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass |
| Vulnerable Product is Common | 0.6 | 14 | Microsoft Visio |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on NVD data |

42. Security Feature Bypass - Windows Admin Center (CVE-2021-27066) - Medium [387]
Description: Windows Admin Center Security Feature Bypass Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass |
| Vulnerable Product is Common | 0.8 | 14 | Windows Admin Center |
| CVSS Base Score | 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.3. Based on NVD data |

43. Remote Code Execution - Git (CVE-2021-21300) - Medium [372]
Description: Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaround, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.6.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.4 | 14 | Git |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on NVD data |

44. Remote Code Execution - Azure Sphere (CVE-2021-27074) - Medium [372]
Description: Azure Sphere Unsigned Code Execution Vulnerability. This CVE ID is unique from CVE-2021-27080.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.4 | 14 | Azure Sphere |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

45. Remote Code Execution - Azure Sphere (CVE-2021-27080) - Medium [372]
Description: Azure Sphere Unsigned Code Execution Vulnerability. This CVE ID is unique from CVE-2021-27074.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.4 | 14 | Azure Sphere |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

46. Elevation of Privilege - Windows Win32k (CVE-2021-26863) - Medium [366]
Description: Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26875, CVE-2021-26900, CVE-2021-27077.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows kernel-mode driver |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

47. Elevation of Privilege - Windows Win32k (CVE-2021-26875) - Medium [366]
Description: Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26863, CVE-2021-26900, CVE-2021-27077.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows kernel-mode driver |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

48. Elevation of Privilege - Microsoft Windows (CVE-2021-26887) - Medium [366]
Description: Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows Kernel |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

49. Elevation of Privilege - Windows Win32k (CVE-2021-26900) - Medium [366]
Description: Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26863, CVE-2021-26875, CVE-2021-27077.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows kernel-mode driver |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

50. Elevation of Privilege - Windows Win32k (CVE-2021-27077) - Medium [366]
Description: Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26863, CVE-2021-26875, CVE-2021-26900.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows kernel-mode driver |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

51. Denial of Service - User Profile Service (CVE-2021-26886) - Medium [360]
Description: User Profile Service Denial of Service Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.7 | 15 | Denial of Service |
| Vulnerable Product is Common | 0.8 | 14 | User Profile Service |
| CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on NVD data |

52. Elevation of Privilege - Windows Print Spooler (CVE-2021-1640) - Medium [347]
Description: Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26878.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Print Spooler |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

53. Elevation of Privilege - Windows Update Stack (CVE-2021-1729) - Medium [347]
Description: Windows Update Stack Setup Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Update Stack |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

54. Elevation of Privilege - Windows Error Reporting (CVE-2021-24090) - Medium [347]
Description: Windows Error Reporting Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Error Reporting |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

55. Elevation of Privilege - Windows App-V Overlay Filter (CVE-2021-26860) - Medium [347]
Description: Windows App-V Overlay Filter Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows App-V Overlay Filter |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

56. Elevation of Privilege - Windows Installer (CVE-2021-26862) - Medium [347]
Description: Windows Installer Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Installer |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

57. Elevation of Privilege - Windows Virtual Registry Provider (CVE-2021-26864) - Medium [347]
Description: Windows Virtual Registry Provider Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Virtual Registry Provider |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

58. Elevation of Privilege - Windows Container Execution Agent (CVE-2021-26865) - Medium [347]
Description: Windows Container Execution Agent Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26891.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Container Execution Agent |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

59. Elevation of Privilege - Windows Update Service (CVE-2021-26866) - Medium [347]
Description: Windows Update Service Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Update Service |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

60. Elevation of Privilege - Windows Graphics Component (CVE-2021-26868) - Medium [347]
Description: Windows Graphics Component Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Graphics Component |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

61. Elevation of Privilege - Windows Projected File System (CVE-2021-26870) - Medium [347]
Description: Windows Projected File System Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Projected File System |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

62. Elevation of Privilege - Windows WalletService (CVE-2021-26871) - Medium [347]
Description: Windows WalletService Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26885.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows WalletService |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

63. Elevation of Privilege - Windows Event Tracing (CVE-2021-26872) - Medium [347]
Description: Windows Event Tracing Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26898, CVE-2021-26901.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Event Tracing |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

64. Elevation of Privilege - User Profile Service (CVE-2021-26873) - Medium [347]
Description: Windows User Profile Service Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | User Profile Service |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

65. Elevation of Privilege - Windows Overlay Filter (CVE-2021-26874) - Medium [347]
Description: Windows Overlay Filter Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Overlay Filter |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

66. Elevation of Privilege - Windows Print Spooler (CVE-2021-26878) - Medium [347]
Description: Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-1640.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Print Spooler |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

67. Elevation of Privilege - Storage Spaces Controller (CVE-2021-26880) - Medium [347]
Description: Storage Spaces Controller Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Storage Spaces Controller |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

68. Elevation of Privilege - Remote Access API (CVE-2021-26882) - Medium [347]
Description: Remote Access API Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Remote Access API |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

69. Elevation of Privilege - Windows WalletService (CVE-2021-26885) - Medium [347]
Description: Windows WalletService Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26871.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows WalletService |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

70. Elevation of Privilege - Windows Update Stack (CVE-2021-26889) - Medium [347]
Description: Windows Update Stack Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Update Stack |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

71. Elevation of Privilege - Windows Event Tracing (CVE-2021-26898) - Medium [347]
Description: Windows Event Tracing Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26872, CVE-2021-26901.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Event Tracing |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

72. Elevation of Privilege - Windows UPnP Device Host (CVE-2021-26899) - Medium [347]
Description: Windows UPnP Device Host Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows UPnP Device Host |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

73. Elevation of Privilege - Windows Event Tracing (CVE-2021-26901) - Medium [347]
Description: Windows Event Tracing Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-26872, CVE-2021-26898.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Event Tracing |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

74. Elevation of Privilege - Windows 10 Update Assistant (CVE-2021-27070) - Medium [347]
Description: Windows 10 Update Assistant Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows 10 Update Assistant |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

75. Elevation of Privilege - DirectX (CVE-2021-24095) - Medium [309]
Description: DirectX Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.6 | 14 | DirectX |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on NVD data |

76. Information Disclosure - Windows Event Tracing (CVE-2021-24107) - Medium [300]
Description: Windows Event Tracing Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.8 | 14 | Windows Event Tracing |
| CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on NVD data |

77. Information Disclosure - Windows ActiveX Installer Service (CVE-2021-26869) - Medium [300]
Description: Windows ActiveX Installer Service Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.8 | 14 | Windows ActiveX Installer Service |
| CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on NVD data |

78. Information Disclosure - Windows Media Photo Codec (CVE-2021-26884) - Medium [300]
Description: Windows Media Photo Codec Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.8 | 14 | Windows Media Photo Codec |
| CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on NVD data |

79. Information Disclosure - Microsoft Power BI (CVE-2021-26859) - Medium [275]
Description: Microsoft Power BI Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.6 | 14 | Microsoft Power BI |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on NVD data |

80. Information Disclosure - Microsoft SharePoint (CVE-2021-27052) - Medium [256]
Description: Microsoft SharePoint Server Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.5 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on NVD data |

81. Spoofing - Microsoft SharePoint (CVE-2021-24104) - Medium [243]
Description: Microsoft SharePoint Spoofing Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Spoofing |
| Vulnerable Product is Common | 0.5 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.4. Based on NVD data |

82. Information Disclosure - Azure Virtual Machine (CVE-2021-27075) - Medium [237]
Description: Azure Virtual Machine Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.4 | 14 | Azure Virtual Machine |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.8. Based on NVD data |

Low (0)

Exploitation in the wild detected (1)

Memory Corruption (1)

Public exploit exists, but exploitation in the wild is NOT detected (1)

Elevation of Privilege (1)

Other Vulnerabilities (80)

Remote Code Execution (37)

Denial of Service (4)

Security Feature Bypass (3)

Elevation of Privilege (29)

Information Disclosure (6)

Spoofing (1)