REDLEGG BLOG

Critical Vulnerabilities Bulletin November 2021

11/11/21 6:21 AM  |  by RedLegg Blog

Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability

Identifier: CVE-2021-26443

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26443

Description: CVE-2021-26443 allows an attacker to remotely execute code on a vulnerable HyperV deployment.

Mitigation recommendation: Patching is currently the only method of mitigation.

Microsoft COM for Windows Remote Code Execution Vulnerability

Identifier: CVE-2021-42275

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42275

Description: CVE-2021-42275 allows an attacker to exploit code through the vulnerable COM component on Windows operation systems.

Mitigation recommendation: Patching is currently the only method of mitigation.

Microsoft Exchange Server Remote Code Execution Vulnerability

Identifier: CVE-2021-42321

Exploit or POC: Yes.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321

Description: CVE-2021-4321 allows an attacker to remotely execute code on a vulnerable Microsoft Exchange server.

Mitigation recommendation: Patching is currently the only method of mitigation.

NTFS Elevation of Privilege Vulnerability

Identifier: CVE-2021-42283

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42283

Description:  CVE-2021-42283 allows an attacker to escalate privileges via the vulnerable NT file system.

Mitigation recommendation: Patching is currently the only method of mitigation.

Remote Desktop Client Remote Code Vulnerability

Identifier: CVE-2021-38666

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38666

Description: CVE-2021-38666  allows an attacker to remotely execute code on a vulnerable Windows host with RDP enabled.

Mitigation recommendation: Patching is currently the only method of mitigation.

Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability 

Identifier: CVE-2021-42316

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42316

Description: CVE-2021-42316 allows an attacker to remotely execute code on a vulnerable Microsoft Exchange Server.

Mitigation recommendation: Patching is currently the only method of mitigation

Zoho Manage Engine Automation Bypass with Resultant Remote Code Execution Vulnerability

Identifier: CVE-2021-40539

Exploit or POC: Yes.

Update: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40539

Description: CVE-2021-40539 allows an attacker to remotely execute code after authentication bypass on vulnerable Zoho ManageEngine ADSelfService implementations.

Mitigation recommendation: Patching is currently the only method of mitigation

Microsoft Excel Security Feature Bypass Vulnerability

Identifier: CVE-2021-42292

Exploit or POC: Yes.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42292

Description: CVE-2021-42292 allows an attacker to bypass the security restrictions in Excel

Mitigation recommendation: Patching is currently the only method of mitigation

Get Blog Updates

Related Articles

Emergency Vulnerability Bulletin - 09/30/22 96bravo

Emergency Vulnerability Bulletin - 09/30/22

Atlassian Bitbucket Server and Data Center Vulnerability Identifier: CVE-2022-36804 Exploit or POC: Yes (Actively Being ...
Emergency Vulnerability Bulletin - 09/30/22 96bravo

Emergency Vulnerability Bulletin - 09/30/22

Microsoft Exchange Server Server-Side Request Forgery (SSRF) Vulnerability Identifier: CVE-2022-41040 Exploit or POC: ...
Critical Security Vulnerabilities Bulletin