Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA12341
HistoryNov 09, 2021 - 12:00 a.m.

KLA12341 Multiple vulnerabilities in Microsoft Products (ESU)

2021-11-0900:00:00
Kaspersky Lab
threats.kaspersky.com
27

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.908 High

EPSS

Percentile

98.8%

JSON

Detect date:

11/09/2021

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service.

Exploitation:

Public exploits exist for this vulnerability.

Affected products:

Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2012
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2021-42282
CVE-2021-41367
CVE-2021-41371
CVE-2021-38665
CVE-2021-38666
CVE-2021-42291
CVE-2021-42278
CVE-2021-41377
CVE-2021-41379
CVE-2021-42285
CVE-2021-42283
CVE-2021-42275
CVE-2021-38631
CVE-2021-41370
CVE-2021-42287
CVE-2021-41366
CVE-2021-42284

Impacts:

ACE

Related products:

Microsoft Windows

CVE-IDS:

CVE-2021-422826.5High
CVE-2021-413674.6Warning
CVE-2021-413712.1Warning
CVE-2021-386654.3Warning
CVE-2021-386666.8High
CVE-2021-422916.5High
CVE-2021-422786.5High
CVE-2021-413774.6Warning
CVE-2021-413794.6Warning
CVE-2021-422857.2High
CVE-2021-422834.6Warning
CVE-2021-422756.5High
CVE-2021-386312.1Warning
CVE-2021-413704.6Warning
CVE-2021-422876.5High
CVE-2021-422847.1High
CVE-2021-413664.6Warning

KB list:

5007233
5007236
5007263
5007246
5007260
5007255
5007245
5007247

Microsoft official advisories:

References

Related

mskb 15
nessus 11
openvas 7
attackerkb 4
kaspersky 1
thn 4
threatpost 4
kitploit 1
pentestpartners 1
checkpoint_advisories 2
krebs 2
githubexploit 1
prion 17
cisa_kev 3
mscve 17
cve 17
zdi 1
altlinux 2
cnvd 2
hivepro 2
malwarebytes 3
qualysblog 1
rapid7blog 3
avleonov 1
mskb
mskb
November 9, 2021โ€”KB5007247 (Monthly Rollup)
2021-11-09 08:00:00
November 9, 2021โ€”KB5007255 (Security-only update)
2021-11-09 08:00:00
November 9, 2021โ€”KB5007233 (Security-only update)
2021-11-09 08:00:00
nessus
nessus
KB5007255: Windows 8.1 and Windows Server 2012 R2 Security Update (November 2021)
2021-11-09 00:00:00
KB5007233: Windows 7 and Windows Server 2008 R2 Security Update (November 2021)
2021-11-09 00:00:00
KB5007245: Windows Server 2012 Security Update (November 2021)
2021-11-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5007247)
2021-11-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5007236)
2021-11-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5007207)
2021-11-10 00:00:00
attackerkb
attackerkb
CVE-2021-42291
2021-11-10 00:00:00
CVE-2021-42278
2021-11-10 00:00:00
CVE-2021-42287
2021-11-10 00:00:00
kaspersky
kaspersky
KLA12345 Multiple vulnerabilities in Microsoft Windows
2021-11-09 00:00:00
thn
thn
Active Directory Bugs Could Let hackers Take Over Windows Domain Controllers
2021-12-22 07:01:00
Microsoft Issues Patches for Actively Exploited Excel, Exchange Server 0-Day Bugs
2021-11-10 06:24:00
Warning โ€” Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild
2021-11-25 08:10:00
threatpost
threatpost
Two Active Directory Bugs Lead to Easy Windows Domain Takeover
2021-12-21 16:46:02
Microsoft Nov. Patch Tuesday Fixes Six Zero-Days, 55 Bugs
2021-11-09 21:41:49
Attackers Actively Target Windows Installer Zero-Day
2021-11-24 14:09:18
kitploit
kitploit
noPac - Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User
2022-09-06 12:30:00
pentestpartners
pentestpartners
A broken marriage. Abusing mixed vendor Kerberos stacks
2023-08-25 05:35:47
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Active Directory Privilege Escalation Multiple Vulnerabilities (CVE-2021-42278; CVE-2021-42287)
2022-04-27 00:00:00
Microsoft Remote Desktop Client Remote Code Execution (CVE-2021-38666)
2021-11-09 00:00:00
krebs
krebs
Microsoft Patch Tuesday, November 2021 Edition
2021-11-09 20:39:07
Microsoft Patch Tuesday, December 2021 Edition
2021-12-14 22:23:44
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Apache Log4J
2022-01-13 21:16:26
prion
prion
Privilege escalation
2021-11-10 01:19:00
Privilege escalation
2021-11-10 01:19:00
Privilege escalation
2021-11-10 01:19:00
cisa_kev
cisa_kev
Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
2022-04-11 00:00:00
Microsoft Windows Installer Privilege Escalation Vulnerability
2022-03-03 00:00:00
Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
2022-04-11 00:00:00
mscve
mscve
Windows Hyper-V Denial of Service Vulnerability
2021-11-09 08:00:00
Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
2021-11-09 08:00:00
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
2021-11-09 08:00:00
cve
cve
CVE-2021-42278
2021-11-10 01:19:00
CVE-2021-42291
2021-11-10 01:19:00
CVE-2021-42285
2021-11-10 01:19:00
zdi
zdi
Microsoft Windows Installer Service Link Following Privilege Escalation Vulnerability
2021-11-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.16.4-alt2
2022-09-08 00:00:00
Security fix for the ALT Linux 9 package adcli version 0.9.2-alt1
2023-04-21 00:00:00
cnvd
cnvd
Microsoft Windows COM Remote Code Execution Vulnerability
2021-11-12 00:00:00
Microsoft Windows Active Directory Elevation of Privilege Vulnerability
2021-11-12 00:00:00
hivepro
hivepro
Microsoft could not patch this vulnerability
2021-11-23 10:56:28
Microsoftโ€™s Patch Tuesday Security Updates for November
2021-11-10 11:20:36
malwarebytes
malwarebytes
Windows Installer vulnerability becomes actively exploited zero-day
2021-11-24 14:21:50
CISA list of 95 new known exploited vulnerabilities raises questions
2022-03-14 11:18:33
[updated] Patch now! Microsoft plugs actively exploited zero-days and other updates
2021-11-10 14:30:23
qualysblog
qualysblog
Microsoft & Adobe Patch Tuesday (November 2021) โ€“ Microsoft 55 Vulnerabilities with 6 Critical, 6 Zero-Days. Adobe 4 Vulnerabilities
2021-11-11 01:07:53
rapid7blog
rapid7blog
Ongoing Exploitation of Windows Installer CVE-2021-41379
2021-11-30 19:03:28
Dropping Files on a Domain Controller Using CVE-2021-43893
2022-02-14 15:30:52
Patch Tuesday - December 2021
2021-12-14 22:12:53
avleonov
avleonov
Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021
2021-11-30 20:30:48

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.908 High

EPSS

Percentile

98.8%

JSON
Related for KLA12341
mskb15nessus11openvas7attackerkb4kaspersky1thn4threatpost4kitploit1pentestpartners1checkpoint_advisories2krebs2githubexploit1prion17cisa_kev3mscve17cve17zdi1altlinux2cnvd2hivepro2malwarebytes3qualysblog1rapid7blog3avleonov1