REDLEGG BLOG

Critical Vulnerabilities Bulletin October 2021

10/15/21 3:44 AM  |  by RedLegg Blog

Microsoft Exchange Server Remote Code Execution Vulnerability 

Identifier: CVE-2021-26427

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26427

Description: CVE-2021-26427 allows an attacker to remotely execute code on a vulnerable exchange server.

Mitigation recommendation: Patching is currently the only method of mitigation.

Windows Print Spooler Spoofing Vulnerability

Identifier: CVE-2021-36970

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36970

Description: CVE-2021-36970 allows an attacker to exploit the vulnerable print spooler component.

Mitigation recommendation: Patching is currently the only method of mitigation.

Microsoft SharePoint Server Remote Code Execution Vulnerability

Identifier: CVE-2021-40487, CVE-2021-41344

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41344

Description: CVE-2021-40487 and CVE-2021-41344 allows an attacker to remotely execute code on vulnerable SharePoint servers.

Mitigation recommendation: Patching is currently the only method of mitigation.

Microsoft Exchange Server Elevation of Privilege Vulnerability 

Identifier: CVE-2021-41348

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41348

Description:  CVE-2021-41348 allows an attacker to escalate privileges on vulnerable exchange servers.

Mitigation recommendation: Patching is currently the only method of mitigation.

Windows Hyper-V Remote Code Execution Vulnerability

Identifier: CVE-2021-40461, CVE-2021-38672

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38672

Description: CVE-2021-38672 and CVE-2021-40461 allows an attacker to remotely execute code on vulnerable Hyper-V deployments.

Mitigation recommendation: Patching is currently the only method of mitigation.

Windows Nearby Sharing Elevation of Privilege Vulnerability 

Identifier: CVE-2021-40464

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40464

Description: CVE-2021-40464 allows an attacker to elevate privileges on a host with a vulnerable "Nearby Sharing" component.

Mitigation recommendation: Patching is currently the only method of mitigation

Vulnerability

Exploited

CVSS v3

CVE

Microsoft Exchange Server Remote Code Execution Vulnerability

No

9

CVE-2021-26427

Windows Print Spooler Spoofing Vulnerability

No

8.8

CVE-2021-36970

Microsoft SharePoint Server Remote Code Execution Vulnerability

No

8.1

CVE-2021-40487

Microsoft SharePoint Server Remote Code Execution Vulnerability

No

8.1

CVE-2021-41344

Microsoft Exchange Server Elevation of Privilege Vulnerability

No

8

CVE-2021-41348

Windows Hyper-V Remote Code Execution Vulnerability

No

8

CVE-2021-40461

Windows Hyper-V Remote Code Execution Vulnerability

No

8

CVE-2021-38672

Windows Nearby Sharing Elevation of Privilege Vulnerability

No

8

CVE-2021-40464

DirectX Graphics Kernel Elevation of Privilege Vulnerability

No

7.8

CVE-2021-40470

Microsoft Excel Remote Code Execution Vulnerability

No

7.8

CVE-2021-40471

Microsoft Excel Remote Code Execution Vulnerability

No

7.8

CVE-2021-40473

Microsoft Excel Remote Code Execution Vulnerability

No

7.8

CVE-2021-40474

Microsoft Excel Remote Code Execution Vulnerability

No

7.8

CVE-2021-40479

Microsoft Excel Remote Code Execution Vulnerability

No

7.8

CVE-2021-40485

Microsoft Office Visio Remote Code Execution Vulnerability

No

7.8

CVE-2021-40480

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

No

7.8

CVE-2021-41330

Microsoft Word Remote Code Execution Vulnerability

No

7.8

CVE-2021-40486

Storage Spaces Controller Elevation of Privilege Vulnerability

No

7.8

CVE-2021-26441

Storage Spaces Controller Elevation of Privilege Vulnerability

No

7.8

CVE-2021-40478

Storage Spaces Controller Elevation of Privilege Vulnerability

No

7.8

CVE-2021-40488

Storage Spaces Controller Elevation of Privilege Vulnerability

No

7.8

CVE-2021-40489

Storage Spaces Controller Elevation of Privilege Vulnerability

No

7.8

CVE-2021-41345

Win32k Elevation of Privilege Vulnerability

Yes

7.8

CVE-2021-40449

Win32k Elevation of Privilege Vulnerability

No

7.8

CVE-2021-40450

Win32k Elevation of Privilege Vulnerability

No

7.8

CVE-2021-41357

Windows AppX Deployment Service Elevation of Privilege Vulnerability

No

7.8

CVE-2021-41347

Windows Common Log File System Driver Elevation of Privilege Vulnerability

No

7.8

CVE-2021-40443

Windows Common Log File System Driver Elevation of Privilege Vulnerability

No

7.8

CVE-2021-40466

Windows Common Log File System Driver Elevation of Privilege Vulnerability

No

7.8

CVE-2021-40467

Windows Event Tracing Elevation of Privilege Vulnerability

No

7.8

CVE-2021-40477

Windows Graphics Component Remote Code Execution Vulnerability

No

7.8

CVE-2021-41340

Windows Kernel Elevation of Privilege Vulnerability

No

7.8

CVE-2021-41335

Windows Media Audio Decoder Remote Code Execution Vulnerability

No

7.8

CVE-2021-41331

Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability

No

7.8

CVE-2021-40462

Windows Text Shaping Remote Code Execution Vulnerability

No

7.8

CVE-2021-40465

Windows NAT Denial of Service Vulnerability

No

7.7

CVE-2021-40463

Microsoft SharePoint Server Spoofing Vulnerability

No

7.6

CVE-2021-40484

Microsoft SharePoint Server Spoofing Vulnerability

No

7.6

CVE-2021-40483

Microsoft Exchange Server Denial of Service Vulnerability

No

7.5

CVE-2021-34453

SCOM Information Disclosure Vulnerability

No

7.5

CVE-2021-41352

Windows AppContainer Elevation Of Privilege Vulnerability

No

7.5

CVE-2021-40476

Windows TCP/IP Denial of Service Vulnerability

No

7.5

CVE-2021-36953

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

No

7.4

CVE-2021-40457

Windows DNS Server Remote Code Execution Vulnerability

No

7.2

CVE-2021-40469

Microsoft Office Visio Remote Code Execution Vulnerability

No

7.1

CVE-2021-40481

Windows Desktop Bridge Elevation of Privilege Vulnerability

No

7

CVE-2021-41334

Windows HTTP.sys Elevation of Privilege Vulnerability

No

7

CVE-2021-26442

Windows MSHTML Platform Remote Code Execution Vulnerability

No

6.8

CVE-2021-41342

Microsoft Exchange Server Spoofing Vulnerability

No

6.5

CVE-2021-41350

Windows Print Spooler Information Disclosure Vulnerability

No

6.5

CVE-2021-41332

Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability

No

6.5

CVE-2021-40460

.NET Core and Visual Studio Information Disclosure Vulnerability

No

5.7

CVE-2021-41355

Microsoft Excel Information Disclosure Vulnerability

No

5.5

CVE-2021-40472

Rich Text Edit Control Information Disclosure Vulnerability

No

5.5

CVE-2021-40454

Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability

No

5.5

CVE-2021-41338

Windows Bind Filter Driver Information Disclosure Vulnerability

No

5.5

CVE-2021-40468

Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability

No

5.5

CVE-2021-40475

Windows Fast FAT File System Driver Information Disclosure Vulnerability

No

5.5

CVE-2021-38662

Windows Fast FAT File System Driver Information Disclosure Vulnerability

No

5.5

CVE-2021-41343

Windows Installer Spoofing Vulnerability

No

5.5

CVE-2021-40455

Windows Kernel Information Disclosure Vulnerability

No

5.5

CVE-2021-41336

Windows exFAT File System Information Disclosure Vulnerability

No

5.5

CVE-2021-38663

Active Directory Federation Server Spoofing Vulnerability

No

5.4

CVE-2021-41361

Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability

No

5.4

CVE-2021-41353

Console Window Host Security Feature Bypass Vulnerability

No

5.3

CVE-2021-41346

Microsoft SharePoint Server Information Disclosure Vulnerability

No

5.3

CVE-2021-40482

Windows AD FS Security Feature Bypass Vulnerability

No

5.3

CVE-2021-40456

Active Directory Security Feature Bypass Vulnerability

No

4.9

CVE-2021-41337

Microsoft DWM Core Library Elevation of Privilege Vulnerability

No

4.7

CVE-2021-41339

Intune Management Extension Security Feature Bypass Vulnerability

No

4.2

CVE-2021-41363

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

No

4.1

CVE-2021-41354

Chromium: CVE-2021-37974 Use after free in Safe Browsing

-

0

CVE-2021-37974

Chromium: CVE-2021-37975 Use after free in V8

-

0

CVE-2021-37975

Chromium: CVE-2021-37976 Information leak in core

-

0

CVE-2021-37976

Chromium: CVE-2021-37977 Use after free in Garbage Collection

-

0

CVE-2021-37977

Chromium: CVE-2021-37978 Heap buffer overflow in Blink

-

0

CVE-2021-37978

Chromium: CVE-2021-37979 Heap buffer overflow in WebRTC

-

0

CVE-2021-37979

Chromium: CVE-2021-37980 Inappropriate implementation in Sandbox

-

0

CVE-2021-37980

OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference

No

0

CVE-2020-1971

OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing

No

0

CVE-2021-3449

OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT

No

0

CVE-2021-3450

 

Get Blog Updates

Related Articles

Summoning Cyber Awareness: Exorcising the Malevolent Realm of Remote Monitoring and Management Tools threat intel, 96bravo

Summoning Cyber Awareness: Exorcising the Malevolent Realm of Remote Monitoring and Management Tools

EXECUTIVE SUMMARY RedLegg would like to recognize the efforts instituted by the Cybersecurity & Infrastructure ...
Patch Tuesday - August 2023 96bravo

Patch Tuesday - August 2023

*Important note: These are not the only vulnerabilities that have been recently released; however, these are the ...
Critical Security Vulnerabilities Bulletin