{"prion": [{"lastseen": "2023-08-16T05:58:39", "description": "Windows Graphics Component Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-08-12T18:15:00", "type": "prion", "title": "CVE-2021-34530", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34530"], "modified": "2021-08-23T20:47:00", "id": "PRION:CVE-2021-34530", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-34530", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "mscve": [{"lastseen": "2023-06-14T15:25:13", "description": "Windows Graphics Component Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-08-10T07:00:00", "type": "mscve", "title": "Windows Graphics Component Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34530"], "modified": "2021-08-10T07:00:00", "id": "MS:CVE-2021-34530", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34530", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "hivepro": [{"lastseen": "2021-08-23T15:19:10", "description": "#### THREAT LEVEL: Red.\n\nFor a detailed advisory, [download the pdf file here.](<https://www.hivepro.com/wp-content/uploads/2021/08/TA202129.pdf>)\n\nMultiple vulnerabilities have been patched by Microsoft in August 2021 Patch Tuesday. Three of them have been labeled as zero-day vulnerabilities (CVE-2021-36936, CVE-2021-36942, and CVE-2021-36948). One of them (CVE-2021-36948) has already been exploited in the wild. The attacker is yet to be identified. Microsoft has classified six vulnerabilities as critical, and patches for all of them are now available.\n\n#### Vulnerability Details\n\n \n\n#### Patch Links\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36948>\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34530>\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34534>\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36936>\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26432>\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34480>\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34535>\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26424>\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36942>\n\n#### References\n\n<https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2021-patch-tuesday-fixes-3-zero-days-44-flaws/>", "cvss3": {}, "published": "2021-08-11T13:25:48", "type": "hivepro", "title": "Critical Vulnerabilities revealed in Microsoft\u2019s Patch Tuesday", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-26424", "CVE-2021-26432", "CVE-2021-34480", "CVE-2021-34530", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-36936", "CVE-2021-36942", "CVE-2021-36948"], "modified": "2021-08-11T13:25:48", "id": "HIVEPRO:1BBAC0CD5F3681EC49D06BE85DC90A92", "href": "https://www.hivepro.com/critical-vulnerabilities-revealed-in-microsofts-patch-tuesday/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2021-08-11T19:56:07", "description": "Microsoft has patched 51 security vulnerabilities in its scheduled August Patch Tuesday update, including seven critical bugs, two issues that were publicly disclosed but unpatched until now, and one that\u2019s listed as a zero-day that has been exploited in the wild.\n\nOf note, there are 17 elevation-of-privilege (EoP) vulnerabilities, 13 remote code-execution (RCE) issues, eight information-disclosure flaws and two denial-of-service (DoS) bugs.\n\nThe update also includes patches for three more Print Spooler bugs, familiar from the PrintNightmare saga.\n\n[](<https://threatpost.com/infosec-insider-subscription-page/>)\n\n\u201cFortunately, it was a lighter month than usual,\u201d said Eric Feldman, senior product marketing manager at Automox, in a [Patch Tuesday analysis](<https://blog.automox.com/automox-experts-weigh-in-august-patch-tuesday-2021>) from the vendor. \u201cThis represents a 56 percent reduction in overall vulnerabilities from July, and 33 percent fewer vulnerabilities on average for each month so far this year. We have also seen a similar reduction in critical vulnerabilities this month, with 30 percent less compared to the monthly average.\u201d\n\n## **Windows Critical Security Vulnerabilities**\n\nThe seven critical bugs [addressed in August](<https://msrc.microsoft.com/update-guide/>) are as follows:\n\n * CVE-2021-26424 \u2013 Windows TCP/IP RCE Vulnerability\n * CVE-2021-26432 \u2013 Windows Services for NFS ONCRPC XDR Driver RCE Vulnerability\n * CVE-2021-34480 \u2013 Scripting Engine Memory Corruption Vulnerability\n * CVE-2021-34530 \u2013 Windows Graphics Component RCE Vulnerability\n * CVE-2021-34534 \u2013 Windows MSHTML Platform RCE Vulnerability\n * CVE-2021-34535 \u2013 Remote Desktop Client RCE Vulnerability\n * CVE-2021-36936 \u2013 Windows Print Spooler RCE Vulnerability\n\nThe bug tracked as **CVE-2021-26424** exists in the TCP/IP protocol stack identified in Windows 7 and newer Microsoft operating systems, including servers.\n\n\u201cDespite its CVSS rating of 9.9, this may prove to be a trivial bug, but it\u2019s still fascinating,\u201d said Dustin Childs of Trend Micro\u2019s Zero Day Initiative (ZDI) in his [Tuesday analysis](<https://www.zerodayinitiative.com/blog/2021/8/10/the-august-2021-security-update-review>). \u201cAn attacker on a guest Hyper-V OS could execute code on the host Hyper-V server by sending a specially crafted IPv6 ping. This keeps it out of the wormable category. Still, a successful attack would allow the guest OS to completely take over the Hyper-V host. While not wormable, it\u2019s still cool to see new bugs in new scenarios being found in protocols that have been around for years.\u201d\n\nThe next bug, **CVE-2021-26432** in Windows Services, is more likely to be exploited given its low complexity status, according to Microsoft\u2019s advisory; it doesn\u2019t require privileges or user interaction to exploit, but Microsoft offered no further details.\n\n\u201cThis may fall into the \u2018wormable\u2019 category, at least between servers with NFS installed, especially since the open network computing remote procedure call (ONCRPC) consists of an External Data Representation (XDR) runtime built on the Winsock Kernel (WSK) interface,\u201d Childs said. \u201cThat certainly sounds like elevated code on a listening network service. Don\u2019t ignore this patch.\u201d\n\nAleks Haugom, product marketing manager at Automox, added, \u201cExploitation results in total loss of confidentiality across all devices managed by the same security authority. Furthermore, attackers can utilize it for denial-of-service attacks or to maliciously modify files. So far, no further details have been divulged by Microsoft or the security researcher (Liubenjin from Codesafe Team of Legendsec at Qi\u2019anxin Group) that discovered this vulnerability. Given the broad potential impact, its label \u2018Exploitation More Likely\u2019 and apparent secrecy, patching should be completed ASAP.\u201d\n\nMeanwhile, the memory-corruption bug (**CVE-2021-34480**) arises from how the scripting engine handles objects in memory, and it also allows RCE. Using a web-based attack or a malicious file, such as a malicious landing page or phishing email, attackers can use this vulnerability to take control of an affected system, install programs, view or change data, or create new user accounts with full user rights.\n\n\u201cCVE-2021-34480 should also be a priority,\u201d Kevin Breen, director of cyber-threat research at Immersive Labs, told Threatpost. \u201cIt is a low score in terms of CVSS, coming in at 6.8, but has been marked by Microsoft as \u2018Exploitation More Likely\u2019 because it is the type of attack commonly used to increase the success rate of spear phishing attacks to gain network access. Simple, but effective.\u201d\n\nThe Windows Graphic Component bug (**CVE-2021-34530**) allows attackers to remotely execute malicious code in the context of the current user, according to Microsoft \u2013 if they can social-engineer a target into opening a specially crafted file.\n\nAnother bug exists in the Windows MSHTML platform, also known as Trident (**CVE-2021-34534**). Trident is the rendering engine (mshtml.dll) used by Internet Explorer. The bug affects many Windows 10 versions (1607, 1809,1909, 2004, 20H2, 21H1) as well as Windows Server 2016 and 2019.\n\nBut while it potentially affects a large number of users, exploitation is not trivial.\n\n\u201cTo exploit, a threat actor would need to pull off a highly complex attack with user interaction \u2013 still entirely possible with the sophisticated attackers of today,\u201d said Peter Pflaster, technical product marketing manager at Automox.\n\nThe bug tracked as **CVE-2021-34535** impacts the Microsoft Remote Desktop Client, Microsoft\u2019s nearly ubiquitous utility for connecting to remote PCs.\n\n\u201cWith today\u2019s highly dispersed workforce, CVE-2021-34535, an RCE vulnerability in Remote Desktop Clients, should be a priority patch,\u201d said Breen. \u201cAttackers increasingly use RDP access as the tip of the spear to gain network access, often combining it with privilege escalation to move laterally. These can be powerful as, depending on the method, it may allow the attacker to authenticate in the network in the same way a user would, making detection difficult.\u201d\n\nIt\u2019s not as dangerous of a bug [as BlueKeep,](<https://threatpost.com/one-million-devices-open-to-wormable-microsoft-bluekeep-flaw/145113/>) according to Childs, which also affected RDP.\n\n\u201cBefore you start having flashbacks to BlueKeep, this bug affects the RDP client and not the RDP server,\u201d he said. \u201cHowever, the CVSS 9.9 bug is nothing to ignore. An attacker can take over a system if they can convince an affected RDP client to connect to an RDP server they control. On Hyper-V servers, a malicious program running in a guest VM could trigger guest-to-host RCE by exploiting this vulnerability in the Hyper-V Viewer. This is the more likely scenario and the reason you should test and deploy this patch quickly.\u201d\n\n## **Windows Print Spooler Bugs \u2013 Again**\n\nThe final critical bug is **CVE-2021-36936**, a Windows Print Spooler RCE bug that\u2019s listed as publicly known.\n\nPrint Spooler made headlines last month, when Microsoft patched what it thought was a minor elevation-of-privilege vulnerability in the service (CVE-2021-1675). But the listing was updated later in the week, after researchers from Tencent and NSFOCUS TIANJI Lab figured out it could be used for RCE \u2013 [requiring a new patch](<https://threatpost.com/microsoft-emergency-patch-printnightmare/167578/>).\n\nIt also disclosed a second bug, similar to PrintNightmare (CVE-2021-34527); and a third, [an EoP issue](<https://threatpost.com/microsoft-unpatched-bug-windows-print-spooler/167855/>) ([CVE-2021-34481](<https://support.microsoft.com/en-us/topic/kb5005652-manage-new-point-and-print-default-driver-installation-behavior-cve-2021-34481-873642bf-2634-49c5-a23b-6d8e9a302872>)).\n\n\u201cAnother month, another remote code-execution bug in the Print Spooler,\u201d said ZDI\u2019s Childs. \u201cThis bug is listed as publicly known, but it\u2019s not clear if this bug is a variant of PrintNightmare or a unique vulnerability all on its own. There are quite a few print-spooler bugs to keep track of. Either way, attackers can use this to execute code on affected systems. Microsoft does state low privileges are required, so that should put this in the non-wormable category, but you should still prioritize testing and deployment of this critical-rated bug.\u201d\n\nThe critical vulnerability is just one of three Print Spooler issues in the August Patch Tuesday release.\n\n\u201cThe specter of the PrintNightmare continues to haunt this patch Tuesday with three more print spooler vulnerabilities, CVE-2021-36947, CVE-2021-36936 and CVE-2021-34481,\u201d said Breen. \u201cAll three are listed as RCE over the network, requiring a low level of access, similar to PrintNightmare. Microsoft has marked these as \u2018Exploitation More Likely\u2019 which, if the previous speed of POC code being published is anything to go by, is certainly true.\u201d\n\n## **RCE Zero-Day in Windows Update Medic Service **\n\nThe actively exploited bug is tracked as **CVE-2021-36948** and is rated as important; it could pave the way for RCE via the Windows Update Medic Service in Windows 10 and Server 2019 and newer operating systems.\n\n\u201cUpdate Medic is a new service that allows users to repair Windows Update components from a damaged state such that the device can continue to receive updates,\u201d Automox\u2019 Jay Goodman explained. \u201cThe exploit is both low complexity and can be exploited without user interaction, making this an easy vulnerability to include in an adversary\u2019s toolbox.\u201d\n\nImmersive\u2019s Breen added, \u201cCVE-2021-36948 is a privilege-escalation vulnerability \u2013 the cornerstone of modern intrusions as they allow attackers the level of access to do things like hide their tracks and create user accounts. In the case of ransomware attacks, they have also been used to ensure maximum damage.\u201d\n\nThough the bug is being reported as being exploited in the wild by Microsoft, activity appears to remain limited or targeted: \u201cWe have seen no evidence of it at Kenna Security at this time,\u201d Jerry Gamblin, director of security research at Kenna Security (now part of Cisco) told Threatpost.\n\n## **Publicly Known Windows LSA Spoofing Bug**\n\nThe second publicly known bug (after the Print Spooler issue covered earlier) is tracked as **CVE-2021-36942**, and it\u2019s an important-rated Windows LSA (Local Security Authority) spoofing vulnerability.\n\n\u201cIt fixes a flaw that could be used to steal NTLM hashes from a domain controller or other vulnerable host,\u201d Immersive\u2019s Breen said. \u201cThese types of attacks are well known for lateral movement and privilege escalation, as has been demonstrated recently by a [new exploit called PetitPotam](<https://threatpost.com/microsoft-petitpotam-poc/168163/>). It is a post-intrusion exploit \u2013 further down the attack chain \u2013 but still a useful tool for attackers.\u201d\n\nChilds offered a bit of context around the bug.\n\n\u201cMicrosoft released this patch to further protect against NTLM relay attacks by issuing this update to block the LSARPC interface,\u201d he said. \u201cThis will impact some systems, notably Windows Server 2008 SP2, that use the EFS API OpenEncryptedFileRawA function. You should apply this to your Domain Controllers first and follow the additional guidance in [ADV210003](<https://msrc.microsoft.com/update-guide/vulnerability/ADV210003>) and [KB5005413](<https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429>). This has been an ongoing issue since 2009, and, likely, this isn\u2019t the last we\u2019ll hear of this persistent issue.\u201d\n\nMicrosoft\u2019s next Patch Tuesday will fall on September 14.\n\nWorried about where the next attack is coming from? We\u2019ve got your back. **[REGISTER NOW](<https://threatpost.com/webinars/how-to-think-like-a-threat-actor/?utm_source=ART&utm_medium=ART&utm_campaign=August_Uptycs_Webinar>)** for our upcoming live webinar, How to **Think Like a Threat Actor**, in partnership with Uptycs on Aug. 17 at 11 AM EST and find out precisely where attackers are targeting you and how to get there first. Join host Becky Bracken and Uptycs researchers Amit Malik and Ashwin Vamshi on **[Aug. 17 at 11AM EST for this LIVE discussion](<https://threatpost.com/webinars/how-to-think-like-a-threat-actor/?utm_source=ART&utm_medium=ART&utm_campaign=August_Uptycs_Webinar>)**.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-10T21:17:58", "type": "threatpost", "title": "Actively Exploited Windows Zero-Day Gets a Patch", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1675", "CVE-2021-26424", "CVE-2021-26432", "CVE-2021-34480", "CVE-2021-34481", "CVE-2021-34527", "CVE-2021-34530", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-36936", "CVE-2021-36942", "CVE-2021-36947", "CVE-2021-36948"], "modified": "2021-08-10T21:17:58", "id": "THREATPOST:8D4EA8B0593FD44763915E703BC9AB72", "href": "https://threatpost.com/exploited-windows-zero-day-patch/168539/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-18T15:32:18", "description": "The remote Windows host is missing security update 5005040.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26424, CVE-2021-26432, CVE-2021-34530, CVE-2021-34533, CVE-2021-34534, CVE-2021-34535, CVE-2021-36936, CVE-2021-36937, CVE-2021-36947)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-26433, CVE-2021-36926, CVE-2021-36932, CVE-2021-36933, CVE-2021-36938)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-34483, CVE-2021-34484, CVE-2021-34536, CVE-2021-34537)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-34480)", "cvss3": {}, "published": "2021-08-10T00:00:00", "type": "nessus", "title": "KB5005040: Windows 10 version 1507 LTS Security Update (August 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26424", "CVE-2021-26425", "CVE-2021-26426", "CVE-2021-26432", "CVE-2021-26433", "CVE-2021-34480", "CVE-2021-34483", "CVE-2021-34484", "CVE-2021-34530", "CVE-2021-34533", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-34536", "CVE-2021-34537", "CVE-2021-36926", "CVE-2021-36932", "CVE-2021-36933", "CVE-2021-36936", "CVE-2021-36937", "CVE-2021-36938", "CVE-2021-36947"], "modified": "2022-04-07T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_AUG_5005040.NASL", "href": "https://www.tenable.com/plugins/nessus/152422", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152422);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/07\");\n\n script_cve_id(\n \"CVE-2021-26424\",\n \"CVE-2021-26425\",\n \"CVE-2021-26426\",\n \"CVE-2021-26432\",\n \"CVE-2021-26433\",\n \"CVE-2021-34480\",\n \"CVE-2021-34483\",\n \"CVE-2021-34484\",\n \"CVE-2021-34530\",\n \"CVE-2021-34533\",\n \"CVE-2021-34534\",\n \"CVE-2021-34535\",\n \"CVE-2021-34536\",\n \"CVE-2021-34537\",\n \"CVE-2021-36926\",\n \"CVE-2021-36932\",\n \"CVE-2021-36933\",\n \"CVE-2021-36936\",\n \"CVE-2021-36937\",\n \"CVE-2021-36938\",\n \"CVE-2021-36947\"\n );\n script_xref(name:\"MSKB\", value:\"5005040\");\n script_xref(name:\"MSFT\", value:\"MS21-5005040\");\n script_xref(name:\"IAVA\", value:\"2021-A-0373-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0374-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/21\");\n\n script_name(english:\"KB5005040: Windows 10 version 1507 LTS Security Update (August 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005040.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26424,\n CVE-2021-26432, CVE-2021-34530, CVE-2021-34533,\n CVE-2021-34534, CVE-2021-34535, CVE-2021-36936,\n CVE-2021-36937, CVE-2021-36947)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-26433, CVE-2021-36926,\n CVE-2021-36932, CVE-2021-36933, CVE-2021-36938)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-34483,\n CVE-2021-34484, CVE-2021-34536, CVE-2021-34537)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-34480)\");\n # https://support.microsoft.com/en-us/topic/august-10-2021-kb5005040-os-build-10240-19022-e8bbfa7a-1012-4e18-a2d7-8ae6a8acf8fb\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cab780fc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005040.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-08';\nkbs = make_list(\n '5005040'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10', \n sp:0,\n os_build:10240,\n rollup_date:'08_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005040])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:32:50", "description": "The remote Windows host is missing security update 5005043.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26424, CVE-2021-26432, CVE-2021-34530, CVE-2021-34533, CVE-2021-34534, CVE-2021-34535, CVE-2021-36936, CVE-2021-36937, CVE-2021-36947)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36942)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-34483, CVE-2021-34484, CVE-2021-34487, CVE-2021-34536, CVE-2021-34537)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-34480)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-26433, CVE-2021-36926, CVE-2021-36932, CVE-2021-36933, CVE-2021-36938)", "cvss3": {}, "published": "2021-08-10T00:00:00", "type": "nessus", "title": "KB5005043: Windows 10 Version 1607 and Windows Server 2016 Security Update (August 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26424", "CVE-2021-26425", "CVE-2021-26426", "CVE-2021-26432", "CVE-2021-26433", "CVE-2021-34480", "CVE-2021-34481", "CVE-2021-34483", "CVE-2021-34484", "CVE-2021-34487", "CVE-2021-34530", "CVE-2021-34533", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-34536", "CVE-2021-34537", "CVE-2021-36926", "CVE-2021-36932", "CVE-2021-36933", "CVE-2021-36936", "CVE-2021-36937", "CVE-2021-36938", "CVE-2021-36942", "CVE-2021-36947"], "modified": "2022-04-07T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_AUG_5005043.NASL", "href": "https://www.tenable.com/plugins/nessus/152434", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152434);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/07\");\n\n script_cve_id(\n \"CVE-2021-26424\",\n \"CVE-2021-26425\",\n \"CVE-2021-26426\",\n \"CVE-2021-26432\",\n \"CVE-2021-26433\",\n \"CVE-2021-34480\",\n \"CVE-2021-34481\",\n \"CVE-2021-34483\",\n \"CVE-2021-34484\",\n \"CVE-2021-34487\",\n \"CVE-2021-34530\",\n \"CVE-2021-34533\",\n \"CVE-2021-34534\",\n \"CVE-2021-34535\",\n \"CVE-2021-34536\",\n \"CVE-2021-34537\",\n \"CVE-2021-36926\",\n \"CVE-2021-36932\",\n \"CVE-2021-36933\",\n \"CVE-2021-36936\",\n \"CVE-2021-36937\",\n \"CVE-2021-36938\",\n \"CVE-2021-36942\",\n \"CVE-2021-36947\"\n );\n script_xref(name:\"MSKB\", value:\"5005043\");\n script_xref(name:\"MSFT\", value:\"MS21-5005043\");\n script_xref(name:\"IAVA\", value:\"2021-A-0373-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0374-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/21\");\n\n script_name(english:\"KB5005043: Windows 10 Version 1607 and Windows Server 2016 Security Update (August 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005043.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26424,\n CVE-2021-26432, CVE-2021-34530, CVE-2021-34533,\n CVE-2021-34534, CVE-2021-34535, CVE-2021-36936,\n CVE-2021-36937, CVE-2021-36947)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36942)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-34483,\n CVE-2021-34484, CVE-2021-34487, CVE-2021-34536,\n CVE-2021-34537)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-34480)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-26433, CVE-2021-36926,\n CVE-2021-36932, CVE-2021-36933, CVE-2021-36938)\");\n # https://support.microsoft.com/en-us/topic/august-10-2021-kb5005043-os-build-14393-4583-709d481e-b02a-4eb9-80d9-75c4b8170240\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e5193663\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005043.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-08';\nkbs = make_list(\n '5005043'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10', \n sp:0,\n os_build:14393,\n rollup_date:'08_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005043])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:13:14", "description": "The remote Windows host is missing security update 5005031.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26424, CVE-2021-26432, CVE-2021-34530, CVE-2021-34533, CVE-2021-34534, CVE-2021-34535, CVE-2021-36936, CVE-2021-36937, CVE-2021-36947)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-34483, CVE-2021-34484, CVE-2021-34486, CVE-2021-34487, CVE-2021-34536, CVE-2021-34537, CVE-2021-36948)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-26433, CVE-2021-36926, CVE-2021-36932, CVE-2021-36933)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-34480)", "cvss3": {}, "published": "2021-08-10T00:00:00", "type": "nessus", "title": "KB5005031: Windows 10 Version 1909 Security Update (August 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26424", "CVE-2021-26425", "CVE-2021-26426", "CVE-2021-26432", "CVE-2021-26433", "CVE-2021-34480", "CVE-2021-34481", "CVE-2021-34483", "CVE-2021-34484", "CVE-2021-34486", "CVE-2021-34487", "CVE-2021-34530", "CVE-2021-34533", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-34536", "CVE-2021-34537", "CVE-2021-36926", "CVE-2021-36932", "CVE-2021-36933", "CVE-2021-36936", "CVE-2021-36937", "CVE-2021-36947", "CVE-2021-36948"], "modified": "2022-04-07T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_AUG_5005031.NASL", "href": "https://www.tenable.com/plugins/nessus/152430", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152430);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/07\");\n\n script_cve_id(\n \"CVE-2021-26424\",\n \"CVE-2021-26425\",\n \"CVE-2021-26426\",\n \"CVE-2021-26432\",\n \"CVE-2021-26433\",\n \"CVE-2021-34480\",\n \"CVE-2021-34481\",\n \"CVE-2021-34483\",\n \"CVE-2021-34484\",\n \"CVE-2021-34486\",\n \"CVE-2021-34487\",\n \"CVE-2021-34530\",\n \"CVE-2021-34533\",\n \"CVE-2021-34534\",\n \"CVE-2021-34535\",\n \"CVE-2021-34536\",\n \"CVE-2021-34537\",\n \"CVE-2021-36926\",\n \"CVE-2021-36932\",\n \"CVE-2021-36933\",\n \"CVE-2021-36936\",\n \"CVE-2021-36937\",\n \"CVE-2021-36947\",\n \"CVE-2021-36948\"\n );\n script_xref(name:\"MSKB\", value:\"5005031\");\n script_xref(name:\"MSFT\", value:\"MS21-5005031\");\n script_xref(name:\"IAVA\", value:\"2021-A-0373-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0374-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/21\");\n\n script_name(english:\"KB5005031: Windows 10 Version 1909 Security Update (August 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005031.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26424,\n CVE-2021-26432, CVE-2021-34530, CVE-2021-34533,\n CVE-2021-34534, CVE-2021-34535, CVE-2021-36936,\n CVE-2021-36937, CVE-2021-36947)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-34483,\n CVE-2021-34484, CVE-2021-34486, CVE-2021-34487,\n CVE-2021-34536, CVE-2021-34537, CVE-2021-36948)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-26433, CVE-2021-36926,\n CVE-2021-36932, CVE-2021-36933)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-34480)\");\n # https://support.microsoft.com/en-us/topic/august-10-2021-kb5005031-os-build-18363-1734-8af726da-a39b-417d-a5fb-670c42d69e78\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?819616f3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005031.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-08';\nkbs = make_list(\n '5005031'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10', \n sp:0,\n os_build:18363,\n rollup_date:'08_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005031])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:07:27", "description": "The remote Windows host is missing security update 5005033.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-26431, CVE-2021-34483, CVE-2021-34484, CVE-2021-34486, CVE-2021-34487, CVE-2021-34536, CVE-2021-34537, CVE-2021-36948)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26424, CVE-2021-26432, CVE-2021-34530, CVE-2021-34533, CVE-2021-34534, CVE-2021-34535, CVE-2021-36936, CVE-2021-36937, CVE-2021-36947)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-26433, CVE-2021-36926, CVE-2021-36932, CVE-2021-36933)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-34480)", "cvss3": {}, "published": "2021-08-10T00:00:00", "type": "nessus", "title": "KB5005033: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 Security Update (August 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26424", "CVE-2021-26425", "CVE-2021-26426", "CVE-2021-26431", "CVE-2021-26432", "CVE-2021-26433", "CVE-2021-34480", "CVE-2021-34483", "CVE-2021-34484", "CVE-2021-34486", "CVE-2021-34487", "CVE-2021-34530", "CVE-2021-34533", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-34536", "CVE-2021-34537", "CVE-2021-36926", "CVE-2021-36932", "CVE-2021-36933", "CVE-2021-36936", "CVE-2021-36937", "CVE-2021-36947", "CVE-2021-36948"], "modified": "2022-04-07T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_AUG_5005033.NASL", "href": "https://www.tenable.com/plugins/nessus/152431", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152431);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/07\");\n\n script_cve_id(\n \"CVE-2021-26424\",\n \"CVE-2021-26425\",\n \"CVE-2021-26426\",\n \"CVE-2021-26431\",\n \"CVE-2021-26432\",\n \"CVE-2021-26433\",\n \"CVE-2021-34480\",\n \"CVE-2021-34483\",\n \"CVE-2021-34484\",\n \"CVE-2021-34486\",\n \"CVE-2021-34487\",\n \"CVE-2021-34530\",\n \"CVE-2021-34533\",\n \"CVE-2021-34534\",\n \"CVE-2021-34535\",\n \"CVE-2021-34536\",\n \"CVE-2021-34537\",\n \"CVE-2021-36926\",\n \"CVE-2021-36932\",\n \"CVE-2021-36933\",\n \"CVE-2021-36936\",\n \"CVE-2021-36937\",\n \"CVE-2021-36947\",\n \"CVE-2021-36948\"\n );\n script_xref(name:\"MSKB\", value:\"5005033\");\n script_xref(name:\"MSFT\", value:\"MS21-5005033\");\n script_xref(name:\"IAVA\", value:\"2021-A-0373-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0374-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/21\");\n\n script_name(english:\"KB5005033: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 Security Update (August 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005033.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-26431,\n CVE-2021-34483, CVE-2021-34484, CVE-2021-34486,\n CVE-2021-34487, CVE-2021-34536, CVE-2021-34537,\n CVE-2021-36948)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26424,\n CVE-2021-26432, CVE-2021-34530, CVE-2021-34533,\n CVE-2021-34534, CVE-2021-34535, CVE-2021-36936,\n CVE-2021-36937, CVE-2021-36947)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-26433, CVE-2021-36926,\n CVE-2021-36932, CVE-2021-36933)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-34480)\");\n # https://support.microsoft.com/en-us/topic/august-10-2021-kb5005033-os-builds-19041-1165-19042-1165-and-19043-1165-b4c77d08-435a-4833-b9f7-e092372079a4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?526975a8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005033.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nvar bulletin = 'MS21-08';\nvar kbs = make_list(\n '5005033'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nvar share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10', \n sp:0,\n os_build:19041,\n rollup_date:'08_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005033])\n||\n smb_check_rollup(os:'10', \n sp:0,\n os_build:19042,\n rollup_date:'08_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005033])\n||\n smb_check_rollup(os:'10', \n sp:0,\n os_build:19043,\n rollup_date:'08_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005033])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:13:14", "description": "The remote Windows host is missing security update 5005030.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26424, CVE-2021-26432, CVE-2021-34530, CVE-2021-34533, CVE-2021-34534, CVE-2021-34535, CVE-2021-36936, CVE-2021-36937, CVE-2021-36947)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36942)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-34483, CVE-2021-34484, CVE-2021-34486, CVE-2021-34487, CVE-2021-34536, CVE-2021-34537, CVE-2021-36948)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-34480)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-26433, CVE-2021-36926, CVE-2021-36932, CVE-2021-36933, CVE-2021-36938)", "cvss3": {}, "published": "2021-08-10T00:00:00", "type": "nessus", "title": "KB5005030: Windows 10 Version 1809 and Windows Server 2019 Security Update (August 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26424", "CVE-2021-26425", "CVE-2021-26426", "CVE-2021-26432", "CVE-2021-26433", "CVE-2021-34480", "CVE-2021-34481", "CVE-2021-34483", "CVE-2021-34484", "CVE-2021-34486", "CVE-2021-34487", "CVE-2021-34530", "CVE-2021-34533", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-34536", "CVE-2021-34537", "CVE-2021-36926", "CVE-2021-36932", "CVE-2021-36933", "CVE-2021-36936", "CVE-2021-36937", "CVE-2021-36938", "CVE-2021-36942", "CVE-2021-36947", "CVE-2021-36948"], "modified": "2022-04-07T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_AUG_5005030.NASL", "href": "https://www.tenable.com/plugins/nessus/152435", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152435);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/07\");\n\n script_cve_id(\n \"CVE-2021-26424\",\n \"CVE-2021-26425\",\n \"CVE-2021-26426\",\n \"CVE-2021-26432\",\n \"CVE-2021-26433\",\n \"CVE-2021-34480\",\n \"CVE-2021-34481\",\n \"CVE-2021-34483\",\n \"CVE-2021-34484\",\n \"CVE-2021-34486\",\n \"CVE-2021-34487\",\n \"CVE-2021-34530\",\n \"CVE-2021-34533\",\n \"CVE-2021-34534\",\n \"CVE-2021-34535\",\n \"CVE-2021-34536\",\n \"CVE-2021-34537\",\n \"CVE-2021-36926\",\n \"CVE-2021-36932\",\n \"CVE-2021-36933\",\n \"CVE-2021-36936\",\n \"CVE-2021-36937\",\n \"CVE-2021-36938\",\n \"CVE-2021-36942\",\n \"CVE-2021-36947\",\n \"CVE-2021-36948\"\n );\n script_xref(name:\"MSKB\", value:\"5005030\");\n script_xref(name:\"MSFT\", value:\"MS21-5005030\");\n script_xref(name:\"IAVA\", value:\"2021-A-0373-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0374-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/21\");\n\n script_name(english:\"KB5005030: Windows 10 Version 1809 and Windows Server 2019 Security Update (August 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005030.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26424,\n CVE-2021-26432, CVE-2021-34530, CVE-2021-34533,\n CVE-2021-34534, CVE-2021-34535, CVE-2021-36936,\n CVE-2021-36937, CVE-2021-36947)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36942)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26425, CVE-2021-26426, CVE-2021-34483,\n CVE-2021-34484, CVE-2021-34486, CVE-2021-34487,\n CVE-2021-34536, CVE-2021-34537, CVE-2021-36948)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-34480)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-26433, CVE-2021-36926,\n CVE-2021-36932, CVE-2021-36933, CVE-2021-36938)\");\n # https://support.microsoft.com/en-us/topic/august-10-2021-kb5005030-os-build-17763-2114-cec503ed-cc09-4641-bdc1-988153e0bd9a\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?34b43ea5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005030.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-08';\nkbs = make_list(\n '5005030'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10', \n sp:0,\n os_build:17763,\n rollup_date:'08_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005030])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2023-05-27T14:57:59", "description": "### *Detect date*:\n08/10/2021\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, cause denial of service, obtain sensitive information.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 20H2 for x64-based Systems \nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 8.1 for 32-bit systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1809 for 32-bit Systems \nWindows Server 2016 (Server Core installation) \nWindows 10 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 2004 for ARM64-based Systems \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2019 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 1607 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 for 32-bit Systems \nWindows 10 Version 20H2 for 32-bit Systems \nWindows Server, version 20H2 (Server Core Installation) \nWindows 10 Version 2004 for x64-based Systems \nWindows Server 2012 R2 \nWindows 10 Version 21H1 for 32-bit Systems \nWindows Server 2016 \nWindows RT 8.1 \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows Server 2012 \nWindows 8.1 for x64-based systems \nRemote Desktop client for Windows Desktop \nWindows 7 for x64-based Systems Service Pack 1 \nWindows 10 Version 1909 for x64-based Systems \nWindows 10 Version 2004 for 32-bit Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 21H1 for x64-based Systems \nWindows Server 2012 R2 (Server Core installation) \nWindows Server, version 2004 (Server Core installation)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-36948](<https://nvd.nist.gov/vuln/detail/CVE-2021-36948>) \n[CVE-2021-26424](<https://nvd.nist.gov/vuln/detail/CVE-2021-26424>) \n[CVE-2021-26433](<https://nvd.nist.gov/vuln/detail/CVE-2021-26433>) \n[CVE-2021-36945](<https://nvd.nist.gov/vuln/detail/CVE-2021-36945>) \n[CVE-2021-26432](<https://nvd.nist.gov/vuln/detail/CVE-2021-26432>) \n[CVE-2021-36926](<https://nvd.nist.gov/vuln/detail/CVE-2021-36926>) \n[CVE-2021-36942](<https://nvd.nist.gov/vuln/detail/CVE-2021-36942>) \n[CVE-2021-36947](<https://nvd.nist.gov/vuln/detail/CVE-2021-36947>) \n[CVE-2021-34487](<https://nvd.nist.gov/vuln/detail/CVE-2021-34487>) \n[CVE-2021-34530](<https://nvd.nist.gov/vuln/detail/CVE-2021-34530>) \n[CVE-2021-34480](<https://nvd.nist.gov/vuln/detail/CVE-2021-34480>) \n[CVE-2021-34534](<https://nvd.nist.gov/vuln/detail/CVE-2021-34534>) \n[CVE-2021-36927](<https://nvd.nist.gov/vuln/detail/CVE-2021-36927>) \n[CVE-2021-34486](<https://nvd.nist.gov/vuln/detail/CVE-2021-34486>) \n[CVE-2021-36932](<https://nvd.nist.gov/vuln/detail/CVE-2021-36932>) \n[CVE-2021-34533](<https://nvd.nist.gov/vuln/detail/CVE-2021-34533>) \n[CVE-2021-34537](<https://nvd.nist.gov/vuln/detail/CVE-2021-34537>) \n[CVE-2021-36937](<https://nvd.nist.gov/vuln/detail/CVE-2021-36937>) \n[CVE-2021-36936](<https://nvd.nist.gov/vuln/detail/CVE-2021-36936>) \n[CVE-2021-26425](<https://nvd.nist.gov/vuln/detail/CVE-2021-26425>) \n[CVE-2021-34483](<https://nvd.nist.gov/vuln/detail/CVE-2021-34483>) \n[CVE-2021-26431](<https://nvd.nist.gov/vuln/detail/CVE-2021-26431>) \n[CVE-2021-26426](<https://nvd.nist.gov/vuln/detail/CVE-2021-26426>) \n[CVE-2021-34536](<https://nvd.nist.gov/vuln/detail/CVE-2021-34536>) \n[CVE-2021-34484](<https://nvd.nist.gov/vuln/detail/CVE-2021-34484>) \n[CVE-2021-34535](<https://nvd.nist.gov/vuln/detail/CVE-2021-34535>) \n[CVE-2021-36933](<https://nvd.nist.gov/vuln/detail/CVE-2021-36933>) \n[CVE-2021-36938](<https://nvd.nist.gov/vuln/detail/CVE-2021-36938>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *KB list*:\n[4023814](<http://support.microsoft.com/kb/4023814>) \n[5005036](<http://support.microsoft.com/kb/5005036>) \n[5005031](<http://support.microsoft.com/kb/5005031>) \n[5005033](<http://support.microsoft.com/kb/5005033>) \n[5005030](<http://support.microsoft.com/kb/5005030>) \n[5005106](<http://support.microsoft.com/kb/5005106>) \n[5005040](<http://support.microsoft.com/kb/5005040>) \n[5005099](<http://support.microsoft.com/kb/5005099>) \n[5005043](<http://support.microsoft.com/kb/5005043>) \n[5005076](<http://support.microsoft.com/kb/5005076>) \n[5005094](<http://support.microsoft.com/kb/5005094>) \n[5011535](<http://support.microsoft.com/kb/5011535>) \n[5011564](<http://support.microsoft.com/kb/5011564>) \n[5011560](<http://support.microsoft.com/kb/5011560>) \n[5011527](<http://support.microsoft.com/kb/5011527>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-10T00:00:00", "type": "kaspersky", "title": "KLA12259 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26424", "CVE-2021-26425", "CVE-2021-26426", "CVE-2021-26431", "CVE-2021-26432", "CVE-2021-26433", "CVE-2021-34480", "CVE-2021-34483", "CVE-2021-34484", "CVE-2021-34486", "CVE-2021-34487", "CVE-2021-34530", "CVE-2021-34533", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-34536", "CVE-2021-34537", "CVE-2021-36926", "CVE-2021-36927", "CVE-2021-36932", "CVE-2021-36933", "CVE-2021-36936", "CVE-2021-36937", "CVE-2021-36938", "CVE-2021-36942", "CVE-2021-36945", "CVE-2021-36947", "CVE-2021-36948"], "modified": "2022-10-18T00:00:00", "id": "KLA12259", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12259/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "qualysblog": [{"lastseen": "2021-08-21T10:10:11", "description": "### Microsoft Patch Tuesday \u2013 August 2021\n\nMicrosoft patched 51 vulnerabilities in their August 2021 Patch Tuesday release, and 7 of them are rated as critical severity. Three 0-day vulnerability patches were included in the release.\n\n#### Critical Microsoft Vulnerabilities Patched\n\n[CVE-2021-36942](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36942>) - Windows LSA Spoofing Vulnerability\n\nAn unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM. A malicious user can use this attack to take complete control over windows domain Per Microsoft, this vulnerability affects all servers, but domain controllers should be prioritized in terms of applying security updates.\n\n[CVE-2021-34481](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34481>) \u2013 Windows Print Spooler Remote Code Execution Vulnerability\n\nA remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. This Patch Tuesday Microsoft released security updates to address this vulnerability and should be prioritized.\n\n#### Three 0-Day Vulnerabilities Patched\n\n * [CVE-2021-36936](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36936>) - Windows Print Spooler Remote Code Execution Vulnerability\n * [CVE-2021-36942](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36942>) - Windows LSA Spoofing Vulnerability\n * [CVE-2021-36948](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36948>) - Windows Update Medic Service Elevation of Privilege Vulnerability - This has been actively exploited, per Microsoft.\n\n#### Qualys QIDs Providing Coverage\n\n**QID**| **Title**| **Severity**| **CVE ID** \n---|---|---|--- \n110388| Microsoft SharePoint Enterprise Server Multiple Vulnerabilities August 2021| Medium| [_CVE-2021-36940_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36940>) \n110389| Microsoft Office and Microsoft Office Services and Web Apps Security Update August 2021 | High| [_CVE-2021-34478_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34478>), [_CVE-2021-36941_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36941>) \n375798| Microsoft Azure CycleCloud Elevation of Privilege Vulnerability August 2021 | Medium| [_CVE-2021-33762_](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33762>), [_CVE-2021-36943_](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36943>), [_KB3142345_](<https://www.microsoft.com/en-us/download/details.aspx?id=103313>) \n91801| Microsoft Dynamics Business Central Cross-Site (XSS) Scripting Vulnerability August 2021 | Medium | [_CVE-2021-36946_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36946>) \n91802| Microsoft Windows Security Update for August 2021 \n \n | High| CVE-2021-26424, [_CVE-2021-26425_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26425>), [_CVE-2021-26426_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26426>), [_CVE-2021-26431_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26431>), [_CVE-2021-26432_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26432>), [_CVE-2021-26433_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26433>), [_CVE-2021-34480_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34480>), [_CVE-2021-34483_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34483>), [_CVE-2021-34484_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34484>), [_CVE-2021-34486_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34486>), [_CVE-2021-34487_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34487>), [_CVE-2021-34530_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34530>), [_CVE-2021-34533_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34533>), [_CVE-2021-34534_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34534>), [_CVE-2021-34535_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34535>), [_CVE-2021-34536_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34536>), [_CVE-2021-34537_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34537>), [_CVE-2021-36926_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36926>), [_CVE-2021-36927_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36927>), [_CVE-2021-36932_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36932>), [_CVE-2021-36933_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36933>), [_CVE-2021-36936_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36936>), [_CVE-2021-36937_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36937>), [_CVE-2021-36938_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36938>), [_CVE-2021-36947_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36947>), [_CVE-2021-36948_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36948>) \n91803| Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability August 2021 | High| [_CVE-2021-36942_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36942>) \n91804| Microsoft Windows Defender Elevation of Privilege Vulnerability August 2021 | Medium| [_CVE-2021-34471_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34471>) \n91805| Microsoft Windows 10 Update Assistant Elevation of Privilege Vulnerability August 2021 | Medium | [_CVE-2021-36945_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36945>) \n91806| Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability August 2021 | Medium| [_CVE-2021-36949_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36949>) \n91774| Microsoft .NET Core and ASP.NET Core Security Update for August 2021 | High| [_CVE-2021-26423_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26423>), [_CVE-2021-34485_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34485>), [_CVE-2021-34532_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34532>) \n91809| Microsoft Visual Studio Security Update for August 2021 | Medium| [_CVE-2021-26423_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26423>), [_CVE-2021-34485_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34485>), [_CVE-2021-34532_](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34532>) \n \n### Adobe Patch Tuesday \u2013 August 2021\n\nAdobe addressed 29 CVEs this Patch Tuesday impacting Adobe Connect and Magento product. The patches for Magento are labeled as [Priority 2](<https://helpx.adobe.com/security/severity-ratings.html>), while the remaining patches are set to [Priority 3](<https://helpx.adobe.com/security/severity-ratings.html>).\n\n**Adobe Security Bulletin**| **QID**| **Severity**| **CVE ID** \n---|---|---|--- \nAdobe Connect Multiple Vulnerabilities (APSB21-66) | 730152| Medium| [CVE-2021-36061](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36061>), [CVE-2021-36062](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36062>), [CVE-2021-36063](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36063>) \n \n### Discover Patch Tuesday Vulnerabilities in VMDR\n\nQualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledge Base (KB).\n\nYou can see all your impacted hosts by these vulnerabilities using the following QQL query:\n\n`vulnerabilities.vulnerability:(qid:`91774` OR qid:`91801` OR qid:`91802` OR qid:`91803` OR qid:`91804` OR qid:`91805` OR qid:`91806` OR qid:`91809` OR qid:`375798` OR qid:`110389` OR qid:`110388` OR qid:`730152`)`\n\n\n\n### Respond by Patching\n\nVMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the \u201cMissing\u201d patches to identify and deploy the applicable, available patches in one go.\n\nThe following QQL will return the missing patches pertaining to this Patch Tuesday.\n\n`(qid:`91774` OR qid:`91801` OR qid:`91802` OR qid:`91803` OR qid:`91804` OR qid:`91805` OR qid:`91806` OR qid:`91809` OR qid:`375798` OR qid:`110389` OR qid:`110388` OR qid:`730152`)`\n\n\n\n### Patch Tuesday Dashboard\n\nThe current updated Patch Tuesday dashboards are available in [Dashboard Toolbox: 2021 Patch Tuesday Dashboard](<https://success.qualys.com/discussions/s/article/000006505>).\n\n### Webinar Series: This Month in Vulnerabilities and Patches\n\nTo help customers leverage the seamless integration between Qualys VMDR and Patch Management and reduce the median time to remediate critical vulnerabilities, the Qualys Research team is hosting a monthly webinar series [_This Month in Vulnerabilities and Patches_](<https://www.brighttalk.com/webcast/11673/502309>).\n\nWe discuss some of the key vulnerabilities disclosed in the past month and how to patch them:\n\n * Microsoft Patch Tuesday, August 2021\n * Adobe Patch Tuesday, August 2021\n\n[Join us live or watch on demand!](<https://www.brighttalk.com/webcast/11673/502309>)\n\n[Webinar August 12, 2021 or on demand](<https://www.brighttalk.com/webcast/11673/502309>).\n\n### About Patch Tuesday\n\nPatch Tuesday QIDs are published at [Security Alerts](<https://www.qualys.com/research/security-alerts/>), typically late in the evening of [Patch Tuesday](<https://blog.qualys.com/tag/patch-tuesday>), followed shortly after by [PT dashboards](<https://qualys-secure.force.com/discussions/s/article/000006505>).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-10T19:58:49", "type": "qualysblog", "title": "Microsoft and Adobe Patch Tuesday (August 2021) \u2013 Microsoft 51 Vulnerabilities with 7 Critical, Adobe 29 Vulnerabilities", "bulletinFamily": "blog", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26423", "CVE-2021-26424", "CVE-2021-26425", "CVE-2021-26426", "CVE-2021-26431", "CVE-2021-26432", "CVE-2021-26433", "CVE-2021-33762", "CVE-2021-34471", "CVE-2021-34478", "CVE-2021-34480", "CVE-2021-34481", "CVE-2021-34483", "CVE-2021-34484", "CVE-2021-34485", "CVE-2021-34486", "CVE-2021-34487", "CVE-2021-34530", "CVE-2021-34532", "CVE-2021-34533", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-34536", "CVE-2021-34537", "CVE-2021-36061", "CVE-2021-36062", "CVE-2021-36063", "CVE-2021-36926", "CVE-2021-36927", "CVE-2021-36932", "CVE-2021-36933", "CVE-2021-36936", "CVE-2021-36937", "CVE-2021-36938", "CVE-2021-36940", "CVE-2021-36941", "CVE-2021-36942", "CVE-2021-36943", "CVE-2021-36945", "CVE-2021-36946", "CVE-2021-36947", "CVE-2021-36948", "CVE-2021-36949"], "modified": "2021-08-10T19:58:49", "id": "QUALYSBLOG:0F0ACCA731E84F3B1067935E483FC950", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "rapid7blog": [{"lastseen": "2021-08-21T10:49:33", "description": "\n\nHot off the press, it\u2019s another issue of the Patch Tuesday blog! While the number of vulnerabilities is low this month, there are a number of high risk items administrators will want to patch right away including a few that will require additional remediation steps. This Patch Tuesday also includes updates for three vulnerabilities that were publicly disclosed earlier this month. Let\u2019s jump in.\n\n## Windows Elevation of Privilege Vulnerability aka HiveNightmare/SeriousSAM\n\n<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934> \nWith a public proof-of-concept having been available for some time, administrators should prioritize taking action on CVE-2021-36934. Remediation for this vulnerability requires volume shadow copies for system files to be deleted. This is due to the nature of the vulnerability, as the files with the vulnerable permissions could be restored from a backup and accessed even after the patch is installed. Microsoft indicates they took caution not to delete users' backups, but the trade-off is that customers will need to do the chore themselves. We've updated [our blog post](<https://www.rapid7.com/blog/post/2021/07/21/microsoft-sam-file-readability-cve-2021-36934-what-you-need-to-know/>) with this additional information.\n\n## Windows LSA Spoofing Vulnerability aka ADV210003\n\n<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36942> \nAnother high priority action for patching teams is CVE-2021-36942. This update patches one of the vectors used in the PetitPotam attack. After applying this update there are additional configurations required in order to protect systems from other attack vectors using registry keys. The InsightVM team has included detection for the registry keys needed to enable EPA and SMB Signing in addition to the normal update. Please see [our blog post](<https://www.rapid7.com/blog/post/2021/08/03/petitpotam-novel-attack-chain-can-fully-compromise-windows-domains-running-ad-cs/>) for more information.\n\n## Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26432> \nWhile Microsoft has not offered up any details for this vulnerability we can glean some info from the CVSS information. This remote code execution vulnerability is reachable from the network service with no authentication or user action required. There may not be an exploit available for this yet, but Microsoft indicates that \u201cExploitation [is] more likely\u201d. Put this update near the top of your TODO list.\n\n## Windows TCP/IP Remote Code Execution Vulnerability\n\n<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26424> \nLast on our list is a vulnerability that can result in remote execution on a Hyper-V host via the IPv6 networking stack. If Hyper-V is used in your environment this should be first on your list this month. \n\n## Summary Graphs\n\n\n\n## Summary Tables\n\n## Azure Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-36949](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36949>) | Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability | No | No | 7.1 | Yes \n[CVE-2021-26428](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26428>) | Azure Sphere Information Disclosure Vulnerability | No | No | 4.4 | Yes \n[CVE-2021-26429](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26429>) | Azure Sphere Elevation of Privilege Vulnerability | No | No | 7.7 | Yes \n[CVE-2021-26430](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26430>) | Azure Sphere Denial of Service Vulnerability | No | No | 6 | Yes \n[CVE-2021-33762](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33762>) | Azure CycleCloud Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-36943](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36943>) | Azure CycleCloud Elevation of Privilege Vulnerability | No | No | 4 | No \n \n## Browser Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-30597](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30597>) | Chromium: CVE-2021-30597 Use after free in Browser UI | No | No | | Yes \n[CVE-2021-30596](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30596>) | Chromium: CVE-2021-30596 Incorrect security UI in Navigation | No | No | | Yes \n[CVE-2021-30594](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30594>) | Chromium: CVE-2021-30594 Use after free in Page Info UI | No | No | | Yes \n[CVE-2021-30593](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30593>) | Chromium: CVE-2021-30593 Out of bounds read in Tab Strip | No | No | | Yes \n[CVE-2021-30592](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30592>) | Chromium: CVE-2021-30592 Out of bounds write in Tab Groups | No | No | | Yes \n[CVE-2021-30591](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30591>) | Chromium: CVE-2021-30591 Use after free in File System API | No | No | | Yes \n[CVE-2021-30590](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30590>) | Chromium: CVE-2021-30590 Heap buffer overflow in Bookmarks | No | No | | Yes \n \n## Developer Tools Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-34532](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532>) | ASP.NET Core and Visual Studio Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-34485](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34485>) | .NET Core and Visual Studio Information Disclosure Vulnerability | No | No | 5 | Yes \n[CVE-2021-26423](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26423>) | .NET Core and Visual Studio Denial of Service Vulnerability | No | No | 7.5 | No \n \n## Microsoft Dynamics Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-36946](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36946>) | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | No | No | 5.4 | No \n[CVE-2021-34524](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34524>) | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | No | No | 8.1 | No \n[CVE-2021-36950](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36950>) | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 5.4 | No \n \n## Microsoft Office Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-36941](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36941>) | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-36940](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36940>) | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No \n[CVE-2021-34478](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34478>) | Microsoft Office Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n \n## System Center Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-34471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34471>) | Microsoft Windows Defender Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n \n## Windows Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-26426](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26426>) | Windows User Account Profile Picture Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-36948](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36948>) | Windows Update Medic Service Elevation of Privilege Vulnerability | Yes | No | 7.8 | No \n[CVE-2021-26432](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26432>) | Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability | No | No | 9.8 | No \n[CVE-2021-26433](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26433>) | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-36926](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36926>) | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-36932](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36932>) | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-36933](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36933>) | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-26431](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26431>) | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-34534](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34534>) | Windows MSHTML Platform Remote Code Execution Vulnerability | No | No | 6.8 | Yes \n[CVE-2021-34530](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34530>) | Windows Graphics Component Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-34486](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34486>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-34487](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34487>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-36938](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36938>) | Windows Cryptographic Primitives Library Information Disclosure Vulnerability | No | No | 5.5 | No \n[CVE-2021-36945](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36945>) | Windows 10 Update Assistant Elevation of Privilege Vulnerability | No | No | 7.3 | No \n[CVE-2021-34536](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34536>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n \n## Windows ESU Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-34484](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34484>) | Windows User Profile Service Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-26424](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26424>) | Windows TCP/IP Remote Code Execution Vulnerability | No | No | 9.9 | Yes \n[CVE-2021-36936](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36936>) | Windows Print Spooler Remote Code Execution Vulnerability | No | Yes | 8.8 | No \n[CVE-2021-36947](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36947>) | Windows Print Spooler Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-34483](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34483>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-36937](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36937>) | Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-36942](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36942>) | Windows LSA Spoofing Vulnerability | No | Yes | 7.5 | Yes \n[CVE-2021-34533](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34533>) | Windows Graphics Component Font Parsing Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-26425](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26425>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-36927](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36927>) | Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-34537](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34537>) | Windows Bluetooth Driver Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-34480](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34480>) | Scripting Engine Memory Corruption Vulnerability | No | No | 6.8 | Yes \n[CVE-2021-34535](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34535>) | Remote Desktop Client Remote Code Execution Vulnerability | No | No | 8.8 | Yes", "cvss3": {}, "published": "2021-08-11T03:19:33", "type": "rapid7blog", "title": "Patch Tuesday - August 2021", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-26423", "CVE-2021-26424", "CVE-2021-26425", "CVE-2021-26426", "CVE-2021-26428", "CVE-2021-26429", "CVE-2021-26430", "CVE-2021-26431", "CVE-2021-26432", "CVE-2021-26433", "CVE-2021-30590", "CVE-2021-30591", "CVE-2021-30592", "CVE-2021-30593", "CVE-2021-30594", "CVE-2021-30596", "CVE-2021-30597", "CVE-2021-33762", "CVE-2021-34471", "CVE-2021-34478", "CVE-2021-34480", "CVE-2021-34483", "CVE-2021-34484", "CVE-2021-34485", "CVE-2021-34486", "CVE-2021-34487", "CVE-2021-34524", "CVE-2021-34530", "CVE-2021-34532", "CVE-2021-34533", "CVE-2021-34534", "CVE-2021-34535", "CVE-2021-34536", "CVE-2021-34537", "CVE-2021-36926", "CVE-2021-36927", "CVE-2021-36932", "CVE-2021-36933", "CVE-2021-36934", "CVE-2021-36936", "CVE-2021-36937", "CVE-2021-36938", "CVE-2021-36940", "CVE-2021-36941", "CVE-2021-36942", "CVE-2021-36943", "CVE-2021-36945", "CVE-2021-36946", "CVE-2021-36947", "CVE-2021-36948", "CVE-2021-36949", "CVE-2021-36950"], "modified": "2021-08-11T03:19:33", "id": "RAPID7BLOG:DE426F8A59CA497BB6C0B90C0F1849CD", "href": "https://blog.rapid7.com/2021/08/11/patch-tuesday-august-2021/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
CVE-2021-34530
