Rewterz Threat Advisory – Chinese Gas Pipeline Intrusion Campaign – Active IOCs
July 21, 2021Rewterz Threat Advisory – Multiple NVIDIA GPU Security Vulnerabilities
July 21, 2021Rewterz Threat Advisory – Chinese Gas Pipeline Intrusion Campaign – Active IOCs
July 21, 2021Rewterz Threat Advisory – Multiple NVIDIA GPU Security Vulnerabilities
July 21, 2021Severity
High
Analysis Summary
CVE-2021-36934
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by an overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges..
Impact
- Privilege Escalation
- Unauthorized Access
Affected Vendors
Microsoft
Affected Products
- Microsoft Windows 10 1809 for x64-based Systems
- Microsoft Windows 10 1809 for 32-bit Systems
- Microsoft Windows 10 1809 for ARM64-based Systems
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.