RedLegg CTI

19 min read

Critical Vulnerabilities Bulletin -September 2021

https://www.redlegg.com/hubfs/Theme-2024/overlay-red.png

TABLE OF CONTENTS

NEW BLOGS

Vulnerability Bulletins

Emergency Security Bulletin: Cleartext Transmission of Sensitive...

Vulnerability Bulletins

Patch Tuesday - October 2025

Vulnerability Bulletins

Emergency Security Bulletin: Gladinet CentreStack / TrioFox Local...

Vulnerability Bulletins

Emergency Security Bulletin: Cisco ASA / FTD VPN Web Server Remote...

By: RedLegg Blog

09/15/21 02:56 PM

Open Management Infrastructure Remote Code Execution Vulnerability

Identifier: CVE-2021-38647

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647

Description: CVE-2021-38647 allows an attacker to remotely execute code in Azure via the vulnerable Open Management Infrastructure component.

Mitigation recommendation: RedLegg recommends patching this vulnerability as soon as possible. Patching is currently the only mitigation.

Windows Bind Filter Driver Elevation of Privilege Vulnerability

Identifier: CVE-2021-36954

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36954

Description: CVE-2021-36954 allows an attacker to elevate privilege on a host with the vulnerable Bind Filter Driver.

Mitigation recommendation: RedLegg recommends patching this vulnerability as soon as possible. Patching is currently the only mitigation.

Windows WLAN AutoConfig Service Remote Code Execution Vulnerability

Identifier: CVE-2021-36965

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36965

Description: CVE-2021-36965 allows an attacker to remotely execute code on a host via the vulnerable Windows WLAN AutoConfig component.

Mitigation recommendation: RedLegg recommends patching this vulnerability as soon as possible. Patching is currently the only mitigation.

Windows Scripting Engine Memory Corruption Vulnerability

Identifier: CVE-2021-26435

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26435

Description: CVE-2021-26435 allows an attacker to remotely execute code on a host via the vulnerable Windows Scripting Engine.

Mitigation recommendation: RedLegg recommends patching this vulnerability as soon as possible. Patching is currently the only mitigation.

Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

Identifier: CVE-2021-36967

Exploit or POC: No.

Update: https://msrc.microsoft.com/update-guide/vulnerability/ CVE-2021-36967

Description: CVE-2021-36967 allows an attacker to to elevate privileges on a host via the vulnerable Windows WLAN AutoConfig component.

Mitigation recommendation: RedLegg recommends patching this vulnerability as soon as possible. Patching is currently the only mitigation.

Microsoft MSHTML Remote Code Execution Vulnerability

Identifier: CVE-2021-40444

Exploit or POC: Yes.

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

Description: CVE-2021-40444 allows an attacker to remotely execute code on a host via the vulnerable MSHTML component. This vulnerability is actively being exploited and used to install CobaltStrike payloads onto vulnerable hosts.

Mitigation recommendation: RedLegg recommends patching this vulnerability as soon as possible. Microsoft has offered alternative mitigation steps if patching is not possible at this time. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

CVE	Product	Impact	CVSS v3
CVE-2021-38647	Azure Open Management Infrastructure	Remote Code Execution	9.8
CVE-2021-40444	Windows 10 Version 1607 for 32-bit Systems	Remote Code Execution	8.8
CVE-2021-36954	Windows 10 Version 1809 for 32-bit Systems	Elevation of Privilege	8.8
CVE-2021-36965	Windows 10 Version 1607 for 32-bit Systems	Remote Code Execution	8.8
CVE-2021-26435	Windows 10 Version 1607 for 32-bit Systems	Remote Code Execution	8.1
CVE-2021-36967	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	8
CVE-2021-38661	HEVC Video Extensions	Remote Code Execution	7.8
CVE-2021-38655	Microsoft 365 Apps for Enterprise for 32-bit Systems	Remote Code Execution	7.8
CVE-2021-38644	MPEG-2 Video Extension	Remote Code Execution	7.8
CVE-2021-38646	Microsoft 365 Apps for Enterprise for 32-bit Systems	Remote Code Execution	7.8
CVE-2021-38660	Microsoft Excel 2013 RT Service Pack 1	Remote Code Execution	7.8
CVE-2021-38658	Microsoft Office 2013 RT Service Pack 1	Remote Code Execution	7.8
CVE-2021-38659	Microsoft 365 Apps for Enterprise for 32-bit Systems	Remote Code Execution	7.8
CVE-2021-38653	Microsoft 365 Apps for Enterprise for 32-bit Systems	Remote Code Execution	7.8
CVE-2021-38654	Microsoft 365 Apps for Enterprise for 32-bit Systems	Remote Code Execution	7.8
CVE-2021-38656	Microsoft 365 Apps for Enterprise for 32-bit Systems	Remote Code Execution	7.8
CVE-2021-38645	Azure Open Management Infrastructure	Elevation of Privilege	7.8
CVE-2021-38648	Azure Open Management Infrastructure	Elevation of Privilege	7.8
CVE-2021-26434	Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)	Elevation of Privilege	7.8
CVE-2021-36952	Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)	Remote Code Execution	7.8
CVE-2021-38639	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-36975	Windows 10 Version 1809 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-38628	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-38638	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-36955	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-36963	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-38633	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-36968	Windows 7 for 32-bit Systems Service Pack 1	Elevation of Privilege	7.8
CVE-2021-36964	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-38630	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-38625	Windows Server 2008 for 32-bit Systems Service Pack 2	Elevation of Privilege	7.8
CVE-2021-38626	Windows Server 2008 for 32-bit Systems Service Pack 2	Elevation of Privilege	7.8
CVE-2021-38667	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-40447	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-38671	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-36973	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-36974	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-36966	Windows 10 Version 1809 for 32-bit Systems	Elevation of Privilege	7.8
CVE-2021-38650	Microsoft 365 Apps for Enterprise for 32-bit Systems	Spoofing	7.6
CVE-2021-38651	Microsoft SharePoint Enterprise Server 2016	Spoofing	7.6
CVE-2021-38652	Microsoft SharePoint Enterprise Server 2016	Spoofing	7.6
CVE-2021-36960	Windows 10 Version 1607 for 32-bit Systems	Information Disclosure	7.5
CVE-2021-38634	Windows 10 Version 1607 for 32-bit Systems	Elevation of Privilege	7.1
CVE-2021-38649	Azure Open Management Infrastructure	Elevation of Privilege	7
CVE-2021-38629	Windows 10 Version 1607 for 32-bit Systems	Information Disclosure	6.5
CVE-2021-38624	Windows 10 Version 1607 for 32-bit Systems	Security Feature Bypass	6.5
CVE-2021-38669	Microsoft Edge (Chromium-based)	Tampering	6.4
CVE-2021-40448	Accessibility Insights for Android	Information Disclosure	6.3
CVE-2021-26436	Microsoft Edge (Chromium-based)	Elevation of Privilege	6.1
CVE-2021-38641	Microsoft Edge (Chromium-based)	Spoofing	6.1
CVE-2021-38642	Microsoft Edge (Chromium-based)	Spoofing	6.1
CVE-2021-38657	Microsoft 365 Apps for Enterprise for 32-bit Systems	Remote Code Execution	6.1
CVE-2021-38632	Windows 10 Version 1607 for 32-bit Systems	Security Feature Bypass	5.7
CVE-2021-26437	Visual Studio Code	Spoofing	5.5
CVE-2021-36959	Windows 10 Version 1607 for 32-bit Systems	Spoofing	5.5
CVE-2021-36961	Windows 10 Version 1607 for 32-bit Systems	Denial of Service	5.5
CVE-2021-36962	Windows 10 Version 1607 for 32-bit Systems	Information Disclosure	5.5
CVE-2021-36969	Windows 10 Version 1607 for 32-bit Systems	Information Disclosure	5.5
CVE-2021-38635	Windows 10 Version 1607 for 32-bit Systems	Information Disclosure	5.5
CVE-2021-38636	Windows 10 Version 1607 for 32-bit Systems	Information Disclosure	5.5
CVE-2021-36972	Windows 10 Version 1607 for 32-bit Systems	Information Disclosure	5.5
CVE-2021-38637	Windows 10 Version 1809 for 32-bit Systems	Information Disclosure	5.5
CVE-2021-40440	Microsoft Dynamics 365 Business Central 2020 Release Wave 2 ‚Äì Update 17.10	Spoofing	5.4
CVE-2021-36930	Microsoft Edge (Chromium-based)	Elevation of Privilege	5.3
CVE-2021-26439	Microsoft Edge for Android	Information Disclosure	4.6
CVE-2021-36956	Azure Sphere	Information Disclosure	4.4
CVE-2021-30606	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30607	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30608	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30609	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30610	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30611	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30612	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30613	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30614	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30615	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30616	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30617	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30618	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30619	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30620	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30621	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30622	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30623	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30624	Microsoft Edge (Chromium-based)	-	0
CVE-2021-30632	Microsoft Edge (Chromium-based)	-	0

Subscribe Now!

Sign up to receive our latest cybersecurity insights.

Group 658

NEW BLOGS

Vulnerability Bulletins

Emergency Security Bulletin: Cleartext Transmission of Sensitive...

Vulnerability Bulletins

Patch Tuesday - October 2025

Vulnerability Bulletins

Emergency Security Bulletin: Gladinet CentreStack / TrioFox Local...

Vulnerability Bulletins

Emergency Security Bulletin: Cisco ASA / FTD VPN Web Server Remote...

Similar Blogs

Hands around a Ouija board

Threat Intelligence RedLegg CTI

Summoning Cyber Awareness: Exorcising the Malevolent Realm...

EXECUTIVE SUMMARY RedLegg would like to recognize the efforts instituted by the Cybersecurity &...

Read More

96 Bravo Critical Security Bulletin

RedLegg CTI

Patch Tuesday - August 2023

*Important note: These are not the only vulnerabilities that have been recently released; however,...

Read More

Emergency Security Bulletin | RedLegg | 96Bravo

Threat Intelligence RedLegg CTI

Emergency Security Bulletin - Citrix ADC and Citrix Gateway

About: RedLegg will occasionally communicate vulnerabilities released outside the usual release...

Read More

MDR Services

MDR with Managed SIEM

MDR with Managed EDR

MDR Cyberfusion

Automation-as-a-Service

Phishing Response

Penetration Testing

Network Penetration
Testing

Application Assessment

Physical Penetration
Testing

Vulnerability Scanning

Identity Services

Identity & Access Management

Identity Governance & Administration

Privileged Access Management

Advisory Services

Tabletop Exercise

GRC Gap Assessment

HIPAA Risk Assessment

Business Impact Analysis

NIST CSF Assessment

Company

Connect with Us

(312) 757-4941

©2025, RedLegg | Privacy Policy