REDLEGG BLOG

Critical Vulnerabilities Bulletin 2nd Edition- July 2021

7/14/21 5:59 PM  |  by RedLegg Blog

Windows Print Spooler Remote Code Execution Vulnerability

Identifier: CVE-2021-34527

Exploit or POC: Yes.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

Description: CVE-2021-34527 allows an attacker to execute code within Windows Print Spooler with SYSTEM privileges. CVE-2021-34527 is actively being exploited in the wild.

Mitigation recommendation: Patching is currently the only method of mitigation 

Windows Kernel Elevation of Privilege Vulnerability

Identifier: CVE-2021-31979, CVE-2021-33771

Exploit or POC: Yes.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31979

Description: CVE-2021-31979, CVE-2021-33771 allows an attacker with access to a host to elevate privileges. CVE-2021-31979, CVE-2021-33771 are both actively being exploited in the wild.

Mitigation recommendation: Patching is currently the only method of mitigation.

Scripting Engine Memory Corruption Vulnerability

Identifier: CVE-2021-34448

Exploit or POC: Yes.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34448

Description: CVE-2021-34448 is a memory corruption vulnerability that exists in the Scripting Engine component of windows. CVE-2021-34448 is actively being exploited by attacker in the wild.

Mitigation recommendation: Patching is currently the only method of mitigation.

Windows DNS Server Remote Code Execution Vulnerability

Identifier: CVE-2021-34525, CVE-2021-33780, CVE-2021-34494

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34448

Description: CVE-2021-33780 allows an attacker with network access to remotely execute code via the Windows DNS server component which allows the attacker to run code with SYSTEM privileges.

Mitigation recommendation: Patching is currently the only method of mitigation.

Microsoft Office Security Feature Bypass Vulnerability

Identifier: CVE-2021-34469

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34469

Description: CVE-2021-34469 allows an attacker to bypass security features of Microsoft Office with a specially crafted file.

Mitigation recommendation: Patching is currently the only method of mitigation.

Active Directory Security Feature Bypass Vulnerability

Identifier: CVE-2021-33781

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33781

Description: CVE-2021-33781 allows an attacker to bypass security features in Active Directory.

Mitigation recommendation: Patching is currently the only method of mitigation.

Microsoft Exchange Server Remote Code Execution Vulnerability

Identifier: CVE-2021-34473

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473

Description: CVE-2021-34473 allows an authenticated attacker to remotely execute code on a vulnerable exchange server.

Mitigation recommendation: Patching is currently the only method of mitigation.

Microsoft Exchange Server Elevation of Privilege Vulnerability

Identifier: CVE-2021-34523

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523

Description: CVE-2021-34523 allows an authenticated attacker elevate privileges on a vulnerable exchange server.

Mitigation recommendation: Patching is currently the only method of mitigation.

Windows Certificate Spoofing Vulnerability

Identifier: CVE-2021-34492

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34492

Description: CVE-2021-34492 allows an attacker with access to a vulnerable host to spoof certificates which could potentially allow the attacker to impersonate legit signed software.

Mitigation recommendation: Patching is currently the only method of mitigation.

Windows ADFS Security Feature Bypass Vulnerability

Identifier: CVE-2021-33779

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33779

Description: CVE-2021-33779 allows an attacker to bypass security features in the Active Directory Federation Services.

Mitigation recommendation: Patching is currently the only method of mitigation.

CVE

Vulnerability

Impact

CVSS v3

Exploitation Likeliness

CVE-2021-34458

Windows Kernel RCE Vulnerability

RCE

9.9

Less Likely

CVE-2021-34473

Microsoft Exchange Server RCE Vulnerability

RCE

9.1

More Likely

CVE-2021-34523

Microsoft Exchange Server EoP Vulnerability

EoP

9

Less Likely

CVE-2021-33780

Windows DNS Server RCE Vulnerability

RCE

8.8

More Likely

CVE-2021-34494

Windows DNS Server RCE Vulnerability

RCE

8.8

Less Likely

CVE-2021-34525

Windows DNS Server RCE Vulnerability

RCE

8.8

Less Likely

CVE-2021-33749

Windows DNS Snap-in RCE Vulnerability

RCE

8.8

Less Likely

CVE-2021-33750

Windows DNS Snap-in RCE Vulnerability

RCE

8.8

Less Likely

CVE-2021-33752

Windows DNS Snap-in RCE Vulnerability

RCE

8.8

Less Likely

CVE-2021-33756

Windows DNS Snap-in RCE Vulnerability

RCE

8.8

Less Likely

CVE-2021-34508

Windows Kernel RCE Vulnerability

RCE

8.8

Less Likely

CVE-2021-34527

Windows Print Spooler RCE Vulnerability

RCE

8.8

Detected

CVE-2021-34450

Windows Hyper-V RCE Vulnerability

RCE

8.5

Less Likely

CVE-2021-34469

Microsoft Office SFB Vulnerability

SFB

8.2

Less Likely

CVE-2021-33767

Open Enclave SDK EoP Vulnerability

EoP

8.2

Less Likely

CVE-2021-34520

Microsoft SharePoint Server RCE Vulnerability

RCE

8.1

More Likely

CVE-2021-33781

Active Directory SFB Vulnerability

SFB

8.1

Less Likely

CVE-2021-33779

Windows ADFS SFB Vulnerability

SFB

8.1

Less Likely

CVE-2021-34492

Windows Certificate Spoofing Vulnerability

Spoofing

8.1

Less Likely

CVE-2021-33786

Windows LSA SFB Vulnerability

SFB

8.1

Less Likely

CVE-2021-34474

Dynamics Business Central RCE Vulnerability

RCE

8

Less Likely

CVE-2021-34470

Microsoft Exchange Server EoP Vulnerability

EoP

8

Less Likely

CVE-2021-33768

Microsoft Exchange Server EoP Vulnerability

EoP

8

Less Likely

CVE-2021-33746

Windows DNS Server RCE Vulnerability

RCE

8

Less Likely

CVE-2021-33754

Windows DNS Server RCE Vulnerability

RCE

8

Less Likely

CVE-2021-34446

Windows HTML Platforms SFB Vulnerability

SFB

8

Less Likely

CVE-2021-34489

DirectWrite RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-31947

HEVC Video Extensions RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-33775

HEVC Video Extensions RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-33776

HEVC Video Extensions RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-33777

HEVC Video Extensions RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-33778

HEVC Video Extensions RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34464

Microsoft Defender RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34522

Microsoft Defender RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34501

Microsoft Excel RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34518

Microsoft Excel RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34479

Microsoft Visual Studio Spoofing Vulnerability

Spoofing

7.8

Less Likely

CVE-2021-34439

Microsoft Windows Media Foundation RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34441

Microsoft Windows Media Foundation RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34503

Microsoft Windows Media Foundation RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34452

Microsoft Word RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34521

Raw Image Extension RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34460

Storage Spaces Controller EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34512

Storage Spaces Controller EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34510

Storage Spaces Controller EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34513

Storage Spaces Controller EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34477

Visual Studio Code .NET Runtime EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34528

Visual Studio Code RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34529

Visual Studio Code RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34516

Win32k EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34504

Windows Address Book RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34459

Windows AppContainer EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-33784

Windows Cloud Files Mini Filter Driver EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34488

Windows Console Driver EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34461

Windows Container Isolation FS Filter Driver EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-33759

Windows Desktop Bridge EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34455

Windows File History Service EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34438

Windows Font Driver Host RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-34498

Windows GDI EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34511

Windows Installer EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34514

Windows Kernel EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-33740

Windows Media RCE Vulnerability

RCE

7.8

Less Likely

CVE-2021-33743

Windows Projected File System EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-33761

Windows Remote Access Connection Manager EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-33773

Windows Remote Access Connection Manager EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34456

Windows Remote Access Connection Manager EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-34445

Windows Remote Access Connection Manager EoP Vulnerability

EoP

7.8

Less Likely

CVE-2021-31979

Windows Kernel EoP Vulnerability

EoP

7.8

Detected

CVE-2021-33771

Windows Kernel EoP Vulnerability

EoP

7.8

Detected

CVE-2021-33758

Windows Hyper-V Denial of Service Vulnerability

Denial of Service

7.7

Less Likely

CVE-2021-31206

Microsoft Exchange Server RCE Vulnerability

RCE

7.6

Less Likely

CVE-2021-31984

Power BI RCE Vulnerability

RCE

7.6

Less Likely

CVE-2021-34476

Bowser.sys Denial of Service Vulnerability

Denial of Service

7.5

Less Likely

CVE-2021-33785

Windows AF_UNIX Socket Provider Denial of Service Vulnerability

Denial of Service

7.5

Less Likely

CVE-2021-34442

Windows DNS Server Denial of Service Vulnerability

Denial of Service

7.5

Less Likely

CVE-2021-33788

Windows LSA Denial of Service Vulnerability

Denial of Service

7.5

Less Likely

CVE-2021-31183

Windows TCP/IP Driver Denial of Service Vulnerability

Denial of Service

7.5

Less Likely

CVE-2021-34490

Windows TCP/IP Driver Denial of Service Vulnerability

Denial of Service

7.5

Less Likely

CVE-2021-33772

Windows TCP/IP Driver Denial of Service Vulnerability

Denial of Service

7.5

Less Likely

CVE-2021-33766

Microsoft Exchange Information Disclosure Vulnerability

Information Disclosure

7.3

Less Likely

CVE-2021-31196

Microsoft Exchange Server RCE Vulnerability

RCE

7.2

Less Likely

CVE-2021-34467

Microsoft SharePoint Server RCE Vulnerability

RCE

7.1

More Likely

CVE-2021-34468

Microsoft SharePoint Server RCE Vulnerability

RCE

7.1

More Likely

CVE-2021-34449

Win32k EoP Vulnerability

EoP

7

More Likely

CVE-2021-33751

Storage Spaces Controller EoP Vulnerability

EoP

7

Less Likely

CVE-2021-34462

Windows AppX Deployment Extensions EoP Vulnerability

EoP

7

Less Likely

CVE-2021-33774

Windows Event Tracing EoP Vulnerability

EoP

7

Less Likely

CVE-2021-34497

Windows MSHTML Platform RCE Vulnerability

RCE

6.8

Less Likely

CVE-2021-34447

Windows MSHTML Platform RCE Vulnerability

RCE

6.8

Less Likely

CVE-2021-34448

Scripting Engine Memory Corruption Vulnerability

RCE

6.8

Detected

CVE-2021-34493

Windows Partition Management Driver EoP Vulnerability

EoP

6.7

Less Likely

CVE-2021-33745

Windows DNS Server Denial of Service Vulnerability

Denial of Service

6.5

Less Likely

CVE-2021-34444

Windows DNS Server Denial of Service Vulnerability

Denial of Service

6.5

Less Likely

CVE-2021-34499

Windows DNS Server Denial of Service Vulnerability

Denial of Service

6.5

Less Likely

CVE-2021-34507

Windows Remote Assistance Information Disclosure Vulnerability

Information Disclosure

6.5

Less Likely

CVE-2021-33783

Windows SMB Information Disclosure Vulnerability

Information Disclosure

6.5

Less Likely

CVE-2021-33755

Windows Hyper-V Denial of Service Vulnerability

Denial of Service

6.3

Less Likely

CVE-2021-34500

Windows Kernel Memory Information Disclosure Vulnerability

Information Disclosure

6.3

Less Likely

CVE-2021-33765

Windows Installer Spoofing Vulnerability

Spoofing

6.2

Less Likely

CVE-2021-31961

Windows InstallService EoP Vulnerability

EoP

6.1

Less Likely

CVE-2021-33764

Windows Key Distribution Center Information Disclosure Vulnerability

Information Disclosure

5.9

Less Likely

CVE-2021-34466

Windows Hello SFB Vulnerability

SFB

5.7

Less Likely

CVE-2021-34440

GDI+ Information Disclosure Vulnerability

Information Disclosure

5.5

Less Likely

CVE-2021-33760

Media Foundation Information Disclosure Vulnerability

Information Disclosure

5.5

Less Likely

CVE-2021-34509

Storage Spaces Controller Information Disclosure Vulnerability

Information Disclosure

5.5

Less Likely

CVE-2021-34491

Win32k Information Disclosure Vulnerability

Information Disclosure

5.5

Less Likely

CVE-2021-33782

Windows Authenticode Spoofing Vulnerability

Spoofing

5.5

Less Likely

CVE-2021-34496

Windows GDI Information Disclosure Vulnerability

Information Disclosure

5.5

Less Likely

CVE-2021-33763

Windows Remote Access Connection Manager Information Disclosure Vulnerability

Information Disclosure

5.5

Less Likely

CVE-2021-34454

Windows Remote Access Connection Manager Information Disclosure Vulnerability

Information Disclosure

5.5

Less Likely

CVE-2021-34457

Windows Remote Access Connection Manager Information Disclosure Vulnerability

Information Disclosure

5.5

Less Likely

CVE-2021-34451

Microsoft Office Online Server Spoofing Vulnerability

Spoofing

5.3

Less Likely

CVE-2021-34519

Microsoft SharePoint Server Information Disclosure Vulnerability

Information Disclosure

5.3

Less Likely

CVE-2021-34517

Microsoft SharePoint Server Spoofing Vulnerability

Spoofing

5.3

Less Likely

CVE-2021-33744

Windows Secure Kernel Mode SFB Vulnerability

SFB

5.3

Less Likely

CVE-2021-33757

Windows Security Account Manager Remote Protocol SFB Vulnerability

SFB

5.3

Less Likely

CVE-2021-33753

Microsoft Bing Search Spoofing Vulnerability

Spoofing

4.7

Less Likely




 

Get Blog Updates

Related Articles

Summoning Cyber Awareness: Exorcising the Malevolent Realm of Remote Monitoring and Management Tools threat intel, 96bravo

Summoning Cyber Awareness: Exorcising the Malevolent Realm of Remote Monitoring and Management Tools

EXECUTIVE SUMMARY RedLegg would like to recognize the efforts instituted by the Cybersecurity & Infrastructure ...
Patch Tuesday - August 2023 96bravo

Patch Tuesday - August 2023

*Important note: These are not the only vulnerabilities that have been recently released; however, these are the ...
Critical Security Vulnerabilities Bulletin