Report Name: Microsoft Patch Tuesday, September 2021Generated: 2021-09-18 14:26:47
| Product Name | Prevalence | U | C | H | M | L | Comment |
|---|---|---|---|---|---|---|---|
| Windows SMB | 1 | 3 | Windows SMB | ||||
| Windows DNS Server | 0.9 | 1 | Windows DNS Server | ||||
| Windows Kernel | 0.9 | 4 | Windows Kernel | ||||
| BitLocker | 0.8 | 1 | A full volume encryption feature included with Microsoft Windows versions starting with Windows Vista | ||||
| Google Chrome | 0.8 | 1 | Web browser | ||||
| Open Management Infrastructure | 0.8 | 3 | 1 | An open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards | |||
| Windows Ancillary Function Driver for WinSock | 0.8 | 3 | Windows component | ||||
| Windows Authenticode | 0.8 | 1 | Windows component | ||||
| Windows Bind Filter Driver | 0.8 | 1 | Windows component | ||||
| Windows Common Log File System Driver | 0.8 | 3 | Windows component | ||||
| Windows Event Tracing | 0.8 | 2 | Windows Event Tracing | ||||
| Windows Installer | 0.8 | 2 | Windows Installer | ||||
| Windows Key Storage Provider | 0.8 | 1 | Windows component | ||||
| Windows Print Spooler | 0.8 | 3 | Windows component | ||||
| Windows Redirected Drive Buffering SubSystem Driver | 0.8 | 3 | Windows component | ||||
| Windows Redirected Drive Buffering System | 0.8 | 1 | Windows component | ||||
| Windows Scripting Engine | 0.8 | 1 | Windows component | ||||
| Windows Storage | 0.8 | 1 | Windows component | ||||
| Windows Subsystem for Linux | 0.8 | 1 | Windows component | ||||
| Windows Update Client | 0.8 | 1 | Windows component | ||||
| Windows WLAN AutoConfig Service | 0.8 | 1 | 1 | Windows сomponent | |||
| HEVC Video Extensions | 0.7 | 1 | HEVC Video Extensions | ||||
| Microsoft SharePoint | 0.7 | 2 | Microsoft SharePoint | ||||
| Microsoft Excel | 0.6 | 1 | MS Office product | ||||
| Microsoft Office | 0.6 | 1 | 1 | Microsoft Office | |||
| Microsoft Office Access Connectivity Engine | 0.6 | 1 | MS Office product | ||||
| Microsoft Office Graphics | 0.6 | 2 | Microsoft Office Graphics | ||||
| Microsoft Office Graphics Component | 0.6 | 1 | Microsoft Office | ||||
| Microsoft Office Visio | 0.6 | 2 | Microsoft Visio | ||||
| Microsoft Word | 0.6 | 1 | MS Office product | ||||
| Azure | 0.4 | 1 | Azure | ||||
| Microsoft MPEG-2 Video Extension | 0.4 | 1 | This extension helps video apps installed on Windows 10, such as Microsoft Movies & TV, to play MPEG-1 and MPEG-2 videos. | ||||
| Microsoft Dynamics Business Central | 0.3 | 1 | Microsoft Dynamics Business Central | ||||
| Visual Studio | 0.3 | 2 | Integrated development environment | ||||
| Visual Studio Code | 0.3 | 1 | Integrated development environment | ||||
| Microsoft Accessibility Insights for Android | 0.2 | 1 | Accessibility Insights for Android is a free, open source tool that helps developers find and fix accessibility issues in Android apps |
| Vulnerability Type | Criticality | U | C | H | M | L | Comment |
|---|---|---|---|---|---|---|---|
| Remote Code Execution | 1.0 | 1 | 11 | 2 | Remote Code Execution | ||
| Security Feature Bypass | 0.9 | 2 | Security Feature Bypass | ||||
| Denial of Service | 0.7 | 1 | Denial of Service | ||||
| Memory Corruption | 0.6 | 1 | Memory Corruption | ||||
| Elevation of Privilege | 0.5 | 2 | 1 | 22 | Elevation of Privilege | ||
| Cross Site Scripting | 0.4 | 1 | Cross Site Scripting | ||||
| Information Disclosure | 0.4 | 11 | Information Disclosure | ||||
| Spoofing | 0.4 | 5 | Spoofing |
1. 
Remote Code Execution - Open Management Infrastructure (CVE-2021-38647) - Critical [732]
Description: Open Management Infrastructure Remote Code Execution Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 1.0 | 18 | Exploitation in the wild is mentioned at AttackerKB | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | An open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards | |
| 1.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Microsoft data |
zdi: CVE-2021-38647 - Open Management Infrastructure Remote Code Execution Vulnerability. This patch rates the highest CVSS (9.8) for this month and fixes an RCE bug in the Open Management Infrastructure (OMI). If you aren’t familiar with OMI, it’s an open-source project to further the development of a production-quality implementation of the DMTF CIM/WBEM standards. You can read all about it here. This vulnerability requires no user interaction or privileges, so an attacker can run their code on an affected system just by sending a specially crafted message to an affected system. OMI users should test and deploy this one quickly.
2. 
Elevation of Privilege - Open Management Infrastructure (CVE-2021-38645) - Critical [604]
Description: Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38648, CVE-2021-38649.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 1.0 | 18 | Exploitation in the wild is mentioned at AttackerKB | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | An open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
3. Elevation of Privilege - Open Management Infrastructure (CVE-2021-38648) - Critical [604]
Description: Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38645, CVE-2021-38649.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 1.0 | 18 | Exploitation in the wild is mentioned at AttackerKB | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | An open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
4. Remote Code Execution - Google Chrome (CVE-2021-30632) - High [597]
Description: Chromium: CVE-2021-30632 Out of bounds write in V8. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 1.0 | 18 | Exploitation in the wild is mentioned at AttackerKB | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
zdi: Not to be outdone by Apple, Google also released a new version of Chrome yesterday to address a total of nine CVEs – two of which are listed as under active attack. CVE-2021-30632 fixes an Out-of-Bounds (OOB) Write, while CVE-2021-30633 fixes a UAF bug. Both were reported by an anonymous researcher, and both could lead to code execution at the level of the logged-on user. All of the bugs fixed in this release receive a “High” severity rating from Google. If you are running Chrome, definitely update to ensure you are on the latest stable version.
zdi: Side note: As of today, not all these fixes have not been absorbed by Microsoft Edge (Chromium) and are unrelated to the Edge (Chromium) fixes discussed below. Microsoft did list CVE-2021-30632 on September 11 but appears to have jumped the gun a bit on this release as it currently shows a September 14 release date.
5. Elevation of Privilege - Open Management Infrastructure (CVE-2021-38649) - High [590]
Description: Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38645, CVE-2021-38648.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 1.0 | 18 | Exploitation in the wild is mentioned at AttackerKB | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | An open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
6. Remote Code Execution - Windows WLAN AutoConfig Service (CVE-2021-36965) - High [475]
Description: Windows WLAN AutoConfig Service Remote Code Execution Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows сomponent | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
qualys: CVE-2021-36965 – Windows WLAN AutoConfig Service Remote Code Execution Vulnerability. This vulnerability does not allow user interaction and also has a low complexity for attack. The vendor has assigned a CVSSv3 base score of 8.8. It should be prioritized for patching.
zdi: CVE-2021-36965 - Windows WLAN AutoConfig Service Remote Code Execution Vulnerability. This patch fixes a vulnerability that could allow network adjacent attackers to run their code on affected systems at SYSTEM level. This means an attacker could completely take over the target – provided they are on an adjacent network. This would be highly useful in a coffee shop scenario where multiple people are using an unsecured WiFi network. Still, this requires no privileges or user interaction, so don’t let the adjacent aspect of this bug diminish the severity. Definitely test and deploy this patch quickly.
7. Remote Code Execution - HEVC Video Extensions (CVE-2021-38661) - High [443]
Description: HEVC Video Extensions Remote Code Execution Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | HEVC Video Extensions | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
8. 
Security Feature Bypass - Windows Key Storage Provider (CVE-2021-38624) - High [428]
Description: Windows Key Storage Provider Security Feature Bypass Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
9. Remote Code Execution - Microsoft Office Access Connectivity Engine (CVE-2021-38646) - High [424]
Description: Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
10. Remote Code Execution - Microsoft Office Visio (CVE-2021-38653) - High [424]
Description: Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38654.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Visio | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
11. Remote Code Execution - Microsoft Office Visio (CVE-2021-38654) - High [424]
Description: Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38653.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Visio | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
12. Remote Code Execution - Microsoft Excel (CVE-2021-38655) - High [424]
Description: Microsoft Excel Remote Code Execution Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
13. Remote Code Execution - Microsoft Word (CVE-2021-38656) - High [424]
Description: Microsoft Word Remote Code Execution Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
14. Remote Code Execution - Microsoft Office Graphics (CVE-2021-38658) - High [424]
Description: Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38660.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Office Graphics | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
15. Remote Code Execution - Microsoft Office (CVE-2021-38659) - High [424]
Description: Microsoft Office Remote Code Execution Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Office | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
16. Remote Code Execution - Microsoft Office Graphics (CVE-2021-38660) - High [424]
Description: Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38658.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Office Graphics | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
17. Security Feature Bypass - BitLocker (CVE-2021-38632) - High [414]
Description: BitLocker Security Feature Bypass Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | A full volume encryption feature included with Microsoft Windows versions starting with Windows Vista | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.7. Based on Microsoft data |
zdi: There are only two patches for security feature bypasses (SFBs) in this month’s release, but one seems awfully familiar. CVE-2021-38632 fixes a bug that could allow an attacker with physical access to a powered-off system to gain access to encrypted data. This sounds vaguely like the “cold boot” attacks widely discussed back in 2008. The other SFB bug being fixed this month could allow an attacker to bypass the Windows Key Storage Provider that issues key certificates for trust in attestation scenarios. This one’s a bit more vague, but surprisingly, Microsoft lists the attack complexity as Low for this bug. Definitely something to look out for.
18. Elevation of Privilege - Windows SMB (CVE-2021-36974) - Medium [398]
Description: Windows SMB Elevation of Privilege Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 1 | 14 | Windows SMB | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
19. Remote Code Execution - Microsoft MPEG-2 Video Extension (CVE-2021-38644) - Medium [386]
Description: Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.4 | 14 | This extension helps video apps installed on Windows 10, such as Microsoft Movies & TV, to play MPEG-1 and MPEG-2 videos. | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
20. 
Memory Corruption - Windows Scripting Engine (CVE-2021-26435) - Medium [381]
Description: Windows Scripting Engine Memory Corruption Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
qualys: CVE-2021-26435 – Windows Scripting Engine Memory Corruption Vulnerability. Microsoft released patches addressing a critical remote code execution vulnerability in Windows Scripting Engine. The exploitation of this vulnerability requires an attacker to convince users to click a link and then open a specially-crafted file. The vendor has assigned a CVSSv3 base score of 8.8. It should be prioritized for patching.
21. Elevation of Privilege - Windows DNS Server (CVE-2021-36968) - Medium [379]
Description: Windows DNS Elevation of Privilege Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows DNS Server | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: CVE-2021-36968 is an EoP vulnerability found in Windows DNS. The vulnerability was assigned a CVSS score of 7.8. While no additional information from Microsoft has been provided, the security advisory makes note that this vulnerability has been publicly disclosed. Exploitation requires local access and a low privileged user account and is less likely to be exploited according to Microsoft’s Exploitability Index.
rapid7: Windows DNS Local Elevation of Privilege (CVE-2021-36968). This is the second publicly disclosed vulnerability updated this month. While the details surrounding this CVE are sparse, we do know that Microsoft has not detected exploitation in the wild.
22. Elevation of Privilege - Windows Kernel (CVE-2021-36975) - Medium [379]
Description: Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38639.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: CVE-2021-36975 and CVE-2021-38639 are EoP vulnerabilities found in Win32k, the kernel-mode subsystem that provides graphical (GUI) content functionality in Windows. With an assigned CVSS score of 7.8 and exploitability rating of “Exploitation More Likely,” attackers are expected to leverage this flaw to elevate account privileges of low privileged local user accounts. As Win32k is a core component of Windows, applying the necessary cumulative patches for your version of Windows is strongly recommended.
23. Elevation of Privilege - Windows Kernel (CVE-2021-38625) - Medium [379]
Description: Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38626.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
24. Elevation of Privilege - Windows Kernel (CVE-2021-38626) - Medium [379]
Description: Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38625.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
25. Elevation of Privilege - Windows Kernel (CVE-2021-38639) - Medium [379]
Description: Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36975.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: CVE-2021-36975 and CVE-2021-38639 are EoP vulnerabilities found in Win32k, the kernel-mode subsystem that provides graphical (GUI) content functionality in Windows. With an assigned CVSS score of 7.8 and exploitability rating of “Exploitation More Likely,” attackers are expected to leverage this flaw to elevate account privileges of low privileged local user accounts. As Win32k is a core component of Windows, applying the necessary cumulative patches for your version of Windows is strongly recommended.
26. 
Information Disclosure - Windows SMB (CVE-2021-36960) - Medium [378]
Description: Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 1 | 14 | Windows SMB | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
27. Elevation of Privilege - Windows Bind Filter Driver (CVE-2021-36954) - Medium [374]
Description: Windows Bind Filter Driver Elevation of Privilege Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
28. 
Denial of Service - Windows Installer (CVE-2021-36961) - Medium [374]
Description: Windows Installer Denial of Service Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows Installer | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
29. Remote Code Execution - Visual Studio (CVE-2021-36952) - Medium [367]
Description: Visual Studio Remote Code Execution Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 1.0 | 15 | Remote Code Execution | |
| 0.3 | 14 | Integrated development environment | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
30. Elevation of Privilege - Windows Common Log File System Driver (CVE-2021-36955) - Medium [360]
Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36963, CVE-2021-38633.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: CVE-2021-36955, CVE-2021-36963 and CVE-2021-38633 are EoP vulnerabilities found in the Windows Common Log File System (CLFS) Driver which would allow a low privileged local attacker to elevate their user account privileges. While Microsoft has not observed exploitation in the wild, they rate these flaws as “Exploitation More Likely.” EoP vulnerabilities are commonly used in malware/ransomware attacks as we’ve observed with CVE-2020-1472, aka Zerologon, one of the Top Five Vulnerabilities of 2020. As such, we strongly recommend prioritizing the installation of these patches.
31. Elevation of Privilege - Windows Common Log File System Driver (CVE-2021-36963) - Medium [360]
Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-38633.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
qualys: CVE-2021-38633, CVE-2021-36963 – Windows Common Log File System Driver Elevation of Privilege Vulnerability. The vulnerabilities allow an attacker to gain elevated privileges to make changes to the victim’s system. These CVEs have a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor. It should be prioritized for patching.
tenable: CVE-2021-36955, CVE-2021-36963 and CVE-2021-38633 are EoP vulnerabilities found in the Windows Common Log File System (CLFS) Driver which would allow a low privileged local attacker to elevate their user account privileges. While Microsoft has not observed exploitation in the wild, they rate these flaws as “Exploitation More Likely.” EoP vulnerabilities are commonly used in malware/ransomware attacks as we’ve observed with CVE-2020-1472, aka Zerologon, one of the Top Five Vulnerabilities of 2020. As such, we strongly recommend prioritizing the installation of these patches.
32. Elevation of Privilege - Windows Event Tracing (CVE-2021-36964) - Medium [360]
Description: Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38630.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows Event Tracing | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
33. Elevation of Privilege - Windows Subsystem for Linux (CVE-2021-36966) - Medium [360]
Description: Windows Subsystem for Linux Elevation of Privilege Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
34. Elevation of Privilege - Windows WLAN AutoConfig Service (CVE-2021-36967) - Medium [360]
Description: Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows сomponent | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.0. Based on Microsoft data |
35. Elevation of Privilege - Windows Redirected Drive Buffering System (CVE-2021-36973) - Medium [360]
Description: Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
36. Elevation of Privilege - Windows Ancillary Function Driver for WinSock (CVE-2021-38628) - Medium [360]
Description: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38638.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
37. Elevation of Privilege - Windows Event Tracing (CVE-2021-38630) - Medium [360]
Description: Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36964.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows Event Tracing | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
38. Elevation of Privilege - Windows Common Log File System Driver (CVE-2021-38633) - Medium [360]
Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-36963.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
qualys: CVE-2021-38633, CVE-2021-36963 – Windows Common Log File System Driver Elevation of Privilege Vulnerability. The vulnerabilities allow an attacker to gain elevated privileges to make changes to the victim’s system. These CVEs have a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor. It should be prioritized for patching.
tenable: CVE-2021-36955, CVE-2021-36963 and CVE-2021-38633 are EoP vulnerabilities found in the Windows Common Log File System (CLFS) Driver which would allow a low privileged local attacker to elevate their user account privileges. While Microsoft has not observed exploitation in the wild, they rate these flaws as “Exploitation More Likely.” EoP vulnerabilities are commonly used in malware/ransomware attacks as we’ve observed with CVE-2020-1472, aka Zerologon, one of the Top Five Vulnerabilities of 2020. As such, we strongly recommend prioritizing the installation of these patches.
39. Elevation of Privilege - Windows Ancillary Function Driver for WinSock (CVE-2021-38638) - Medium [360]
Description: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38628.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
40. Elevation of Privilege - Windows Print Spooler (CVE-2021-38667) - Medium [360]
Description: Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38671, CVE-2021-40447.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: CVE-2021-38667, CVE-2021-38671 and CVE-2021-40447 are EoP vulnerabilities in Windows Print Spooler. All three vulnerabilities were assigned a CVSSv3 score of 7.8 and are rated Important. Of the three vulnerabilities, CVE-2021-38671 is the only flaw rated as Exploitation More Likely. There has been a flurry of activity surrounding Windows Print Spooler related vulnerabilities, beginning with CVE-2021-1675 in June and CVE-2021-34527, also known as PrintNightmare in July. We published a blog post in August about the seven Print Spooler related vulnerabilities Microsoft published advisories for which included CVE-2021-36958, a zero-day RCE that was patched today. Because of its ubiquity, Print Spooler is a valuable target for attackers, so the fact that we continue to see research in this space shows that there are an untold number of vulnerabilities within Print Spooler.
41. Elevation of Privilege - Windows Print Spooler (CVE-2021-38671) - Medium [360]
Description: Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-40447.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
qualys: CVE-2021-38671 – Windows Print Spooler Elevation of Privilege Vulnerability. This CVE has a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor. It should be prioritized for patching.
tenable: CVE-2021-38667, CVE-2021-38671 and CVE-2021-40447 are EoP vulnerabilities in Windows Print Spooler. All three vulnerabilities were assigned a CVSSv3 score of 7.8 and are rated Important. Of the three vulnerabilities, CVE-2021-38671 is the only flaw rated as Exploitation More Likely. There has been a flurry of activity surrounding Windows Print Spooler related vulnerabilities, beginning with CVE-2021-1675 in June and CVE-2021-34527, also known as PrintNightmare in July. We published a blog post in August about the seven Print Spooler related vulnerabilities Microsoft published advisories for which included CVE-2021-36958, a zero-day RCE that was patched today. Because of its ubiquity, Print Spooler is a valuable target for attackers, so the fact that we continue to see research in this space shows that there are an untold number of vulnerabilities within Print Spooler.
42. Elevation of Privilege - Windows Print Spooler (CVE-2021-40447) - Medium [360]
Description: Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-38671.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: CVE-2021-38667, CVE-2021-38671 and CVE-2021-40447 are EoP vulnerabilities in Windows Print Spooler. All three vulnerabilities were assigned a CVSSv3 score of 7.8 and are rated Important. Of the three vulnerabilities, CVE-2021-38671 is the only flaw rated as Exploitation More Likely. There has been a flurry of activity surrounding Windows Print Spooler related vulnerabilities, beginning with CVE-2021-1675 in June and CVE-2021-34527, also known as PrintNightmare in July. We published a blog post in August about the seven Print Spooler related vulnerabilities Microsoft published advisories for which included CVE-2021-36958, a zero-day RCE that was patched today. Because of its ubiquity, Print Spooler is a valuable target for attackers, so the fact that we continue to see research in this space shows that there are an untold number of vulnerabilities within Print Spooler.
43. Information Disclosure - Windows SMB (CVE-2021-36972) - Medium [351]
Description: Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36960.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 1 | 14 | Windows SMB | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
44. Elevation of Privilege - Windows Update Client (CVE-2021-38634) - Medium [347]
Description: Microsoft Windows Update Client Elevation of Privilege Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
45. Information Disclosure - Windows Ancillary Function Driver for WinSock (CVE-2021-38629) - Medium [327]
Description: Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
46. 
Spoofing - Microsoft SharePoint (CVE-2021-38651) - Medium [321]
Description: Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-38652.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Spoofing | |
| 0.7 | 14 | Microsoft SharePoint | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.6. Based on Microsoft data |
47. Spoofing - Microsoft SharePoint (CVE-2021-38652) - Medium [321]
Description: Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-38651.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Spoofing | |
| 0.7 | 14 | Microsoft SharePoint | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.6. Based on Microsoft data |
48. Spoofing - Windows Authenticode (CVE-2021-36959) - Medium [313]
Description: Windows Authenticode Spoofing Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
49. Information Disclosure - Windows Installer (CVE-2021-36962) - Medium [313]
Description: Windows Installer Information Disclosure Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows Installer | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
50. Information Disclosure - Windows Redirected Drive Buffering SubSystem Driver (CVE-2021-36969) - Medium [313]
Description: Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38635, CVE-2021-38636.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
51. Information Disclosure - Windows Redirected Drive Buffering SubSystem Driver (CVE-2021-38635) - Medium [313]
Description: Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38636.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
52. Information Disclosure - Windows Redirected Drive Buffering SubSystem Driver (CVE-2021-38636) - Medium [313]
Description: Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38635.
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
53. Information Disclosure - Windows Storage (CVE-2021-38637) - Medium [313]
Description: Windows Storage Information Disclosure Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
54. Spoofing - Microsoft Office (CVE-2021-38650) - Medium [302]
Description: Microsoft Office Spoofing Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Spoofing | |
| 0.6 | 14 | Microsoft Office | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.6. Based on Microsoft data |
55. Information Disclosure - Microsoft Office Graphics Component (CVE-2021-38657) - Medium [275]
Description: Microsoft Office Graphics Component Information Disclosure Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 0.6 | 14 | Microsoft Office | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.1. Based on Microsoft data |
56. Elevation of Privilege - Visual Studio (CVE-2021-26434) - Medium [266]
Description: Visual Studio Elevation of Privilege Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.3 | 14 | Integrated development environment | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
57. Spoofing - Visual Studio Code (CVE-2021-26437) - Medium [218]
Description: Visual Studio Code Spoofing Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Spoofing | |
| 0.3 | 14 | Integrated development environment | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
58. Information Disclosure - Azure (CVE-2021-36956) - Medium [210]
Description: Azure Sphere Information Disclosure Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 0.4 | 14 | Azure | |
| 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.4. Based on Microsoft data |
59. 
Cross Site Scripting - Microsoft Dynamics Business Central (CVE-2021-40440) - Medium [205]
Description: Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Cross Site Scripting | |
| 0.3 | 14 | Microsoft Dynamics Business Central | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.4. Based on Microsoft data |
60. Information Disclosure - Microsoft Accessibility Insights for Android (CVE-2021-40448) - Medium [200]
Description: Microsoft Accessibility Insights for Android Information Disclosure Vulnerability
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | Public exploit is NOT found at Vulners website | |
| 0.4 | 15 | Information Disclosure | |
| 0.2 | 14 | Accessibility Insights for Android is a free, open source tool that helps developers find and fix accessibility issues in Android apps | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.3. Based on Microsoft data |
Remote Code Execution (2)zdi: CVE-2021-38647 - Open Management Infrastructure Remote Code Execution Vulnerability. This patch rates the highest CVSS (9.8) for this month and fixes an RCE bug in the Open Management Infrastructure (OMI). If you aren’t familiar with OMI, it’s an open-source project to further the development of a production-quality implementation of the DMTF CIM/WBEM standards. You can read all about it here. This vulnerability requires no user interaction or privileges, so an attacker can run their code on an affected system just by sending a specially crafted message to an affected system. OMI users should test and deploy this one quickly.
zdi: Not to be outdone by Apple, Google also released a new version of Chrome yesterday to address a total of nine CVEs – two of which are listed as under active attack. CVE-2021-30632 fixes an Out-of-Bounds (OOB) Write, while CVE-2021-30633 fixes a UAF bug. Both were reported by an anonymous researcher, and both could lead to code execution at the level of the logged-on user. All of the bugs fixed in this release receive a “High” severity rating from Google. If you are running Chrome, definitely update to ensure you are on the latest stable version.
zdi: Side note: As of today, not all these fixes have not been absorbed by Microsoft Edge (Chromium) and are unrelated to the Edge (Chromium) fixes discussed below. Microsoft did list CVE-2021-30632 on September 11 but appears to have jumped the gun a bit on this release as it currently shows a September 14 release date.
Elevation of Privilege (3)Remote Code Execution (12)qualys: CVE-2021-36965 – Windows WLAN AutoConfig Service Remote Code Execution Vulnerability. This vulnerability does not allow user interaction and also has a low complexity for attack. The vendor has assigned a CVSSv3 base score of 8.8. It should be prioritized for patching.
zdi: CVE-2021-36965 - Windows WLAN AutoConfig Service Remote Code Execution Vulnerability. This patch fixes a vulnerability that could allow network adjacent attackers to run their code on affected systems at SYSTEM level. This means an attacker could completely take over the target – provided they are on an adjacent network. This would be highly useful in a coffee shop scenario where multiple people are using an unsecured WiFi network. Still, this requires no privileges or user interaction, so don’t let the adjacent aspect of this bug diminish the severity. Definitely test and deploy this patch quickly.
Security Feature Bypass (2)zdi: There are only two patches for security feature bypasses (SFBs) in this month’s release, but one seems awfully familiar. CVE-2021-38632 fixes a bug that could allow an attacker with physical access to a powered-off system to gain access to encrypted data. This sounds vaguely like the “cold boot” attacks widely discussed back in 2008. The other SFB bug being fixed this month could allow an attacker to bypass the Windows Key Storage Provider that issues key certificates for trust in attestation scenarios. This one’s a bit more vague, but surprisingly, Microsoft lists the attack complexity as Low for this bug. Definitely something to look out for.
Elevation of Privilege (22)tenable: CVE-2021-36968 is an EoP vulnerability found in Windows DNS. The vulnerability was assigned a CVSS score of 7.8. While no additional information from Microsoft has been provided, the security advisory makes note that this vulnerability has been publicly disclosed. Exploitation requires local access and a low privileged user account and is less likely to be exploited according to Microsoft’s Exploitability Index.
rapid7: Windows DNS Local Elevation of Privilege (CVE-2021-36968). This is the second publicly disclosed vulnerability updated this month. While the details surrounding this CVE are sparse, we do know that Microsoft has not detected exploitation in the wild.
tenable: CVE-2021-36975 and CVE-2021-38639 are EoP vulnerabilities found in Win32k, the kernel-mode subsystem that provides graphical (GUI) content functionality in Windows. With an assigned CVSS score of 7.8 and exploitability rating of “Exploitation More Likely,” attackers are expected to leverage this flaw to elevate account privileges of low privileged local user accounts. As Win32k is a core component of Windows, applying the necessary cumulative patches for your version of Windows is strongly recommended.
qualys: CVE-2021-38633, CVE-2021-36963 – Windows Common Log File System Driver Elevation of Privilege Vulnerability. The vulnerabilities allow an attacker to gain elevated privileges to make changes to the victim’s system. These CVEs have a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor. It should be prioritized for patching.
tenable: CVE-2021-36955, CVE-2021-36963 and CVE-2021-38633 are EoP vulnerabilities found in the Windows Common Log File System (CLFS) Driver which would allow a low privileged local attacker to elevate their user account privileges. While Microsoft has not observed exploitation in the wild, they rate these flaws as “Exploitation More Likely.” EoP vulnerabilities are commonly used in malware/ransomware attacks as we’ve observed with CVE-2020-1472, aka Zerologon, one of the Top Five Vulnerabilities of 2020. As such, we strongly recommend prioritizing the installation of these patches.
qualys: CVE-2021-38671 – Windows Print Spooler Elevation of Privilege Vulnerability. This CVE has a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor. It should be prioritized for patching.
tenable: CVE-2021-38667, CVE-2021-38671 and CVE-2021-40447 are EoP vulnerabilities in Windows Print Spooler. All three vulnerabilities were assigned a CVSSv3 score of 7.8 and are rated Important. Of the three vulnerabilities, CVE-2021-38671 is the only flaw rated as Exploitation More Likely. There has been a flurry of activity surrounding Windows Print Spooler related vulnerabilities, beginning with CVE-2021-1675 in June and CVE-2021-34527, also known as PrintNightmare in July. We published a blog post in August about the seven Print Spooler related vulnerabilities Microsoft published advisories for which included CVE-2021-36958, a zero-day RCE that was patched today. Because of its ubiquity, Print Spooler is a valuable target for attackers, so the fact that we continue to see research in this space shows that there are an untold number of vulnerabilities within Print Spooler.
Memory Corruption (1)qualys: CVE-2021-26435 – Windows Scripting Engine Memory Corruption Vulnerability. Microsoft released patches addressing a critical remote code execution vulnerability in Windows Scripting Engine. The exploitation of this vulnerability requires an attacker to convince users to click a link and then open a specially-crafted file. The vendor has assigned a CVSSv3 base score of 8.8. It should be prioritized for patching.
Information Disclosure (11)Denial of Service (1)Spoofing (5)Cross Site Scripting (1)