Lucene search

K
hiveproHive ProHIVEPRO:152F6F7B9557DB47003F4F65E73BCF44
HistoryNov 23, 2021 - 10:56 a.m.

Microsoft could not patch this vulnerability

2021-11-2310:56:28
Hive Pro
www.hivepro.com
167

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.9%

THREAT LEVEL: Red.

For a detailed advisory, download the pdf file here.

Microsoft released patches for 44 vulnerabilities on November 9th. CVE-2021-41379 was among them. However, installing this patch does not completely eliminate the vulnerability.

An exploit for a new Windows zero-day local privilege elevation vulnerability that grants admin privileges in Windows 10, Windows 11, and Windows Server has been publicly disclosed by a security researcher, Abdelhamid Naceri.

CVE-2021-41379 is a privilege escalation vulnerability that allows an attacker with limited access on a compromised system to move laterally within the same network. All the versions of Windows 10, Windows 11 and Windows server are affected by this vulnerability.

After examining Microsoft's fix, the security researcher who discovered this vulnerability, discovered a bypass of the patch as well as a more powerful new zero-day privilege elevation vulnerability.

There are currently no workarounds for this vulnerability. Any attempt to directly patch the binary will result in a failure of the Windows installer. We must wait for Microsoft to resolve this issue.

Vulnerability Details

References

<https://www.bleepingcomputer.com/news/microsoft/new-windows-zero-day-with-public-exploit-lets-you-become-an-admin/&gt;

<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41379&gt;

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.9%