March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Advisory – ICS: Schneider Electric Multiple Security Vulnerabilities
July 14, 2021
Rewterz Threat Advisory – Multiple SAP NetWeaver Vulnerabilities
July 14, 2021
Rewterz Threat Advisory – ICS: Schneider Electric Multiple Security Vulnerabilities
July 14, 2021
Rewterz Threat Advisory – Multiple SAP NetWeaver Vulnerabilities
July 14, 2021
Severity
High
Analysis Summary
CVE-2021-33781
Microsoft Windows could allow a remote authenticated attacker to bypass security restrictions, cause by a flaw in Active Directory. An attacker could exploit this vulnerability to bypass security features to cause impact on confidentiality and integrity.
CVE-2021-34525
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the DNS Server. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34522
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in Defender. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34470
Microsoft Exchange Server could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-33784
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Cloud Files Mini Filter Driver. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-33785
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the AF_UNIX Socket Provider. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause the system to crash.
CVE-2021-33786
Microsoft Windows could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the LSA. An attacker could exploit this vulnerability to bypass security feature to cause impact on confidentiality and integrity.
CVE-2021-33788
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in Console Driver. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34438
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Font Driver Host. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34439
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Media Foundation. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34488
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in Console Driver. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34516
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Kernel. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34464
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in Defender. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34489
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the DirectWrite. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34514
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Kernel. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges
CVE-2021-34513
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Storage Spaces Controller. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34490
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the TCP/IP Driver. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause the system to crash.
CVE-2021-34503
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Media component. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34504
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Address Book. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34455
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the File History Service. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34462
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the AppX Deployment Extensions. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34456
Microsoft could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in Remote Access Connection Manager. By executing a specially-crafted program, an attacker could exploit this vulnerability to escalate privileges.
CVE-2021-34458
Microsoft Windows could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Kernel. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34508
Microsoft Windows could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Kernel. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.
CVE-2021-34459
Microsoft Windows could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the AppContainer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34512
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Storage Spaces Controller. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34460
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Storage Spaces Controller. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34510
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Storage Spaces Controller. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34511
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the installer. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34461
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Kernel. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2021-34440
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the GDI+ component. By executing a specially-crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2021-33782
Microsoft Windows could allow a remote attacker to conduct spoofing attacks, cause by a flaw in the Authenticode. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to conduct a spoofing attack.
CVE-2021-34457
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Remote Access Connection Manager. By executing a specially-crafted program, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2021-34509
Microsoft Windows could allow a local attacker to obtain sensitive information, caused by a flaw in the Storage Spaces Controller. By executing a specially-crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2021-34454
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Shell. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2021-34507
Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by a flaw in Remote Assistance. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2021-34451
Microsoft Office Online Server could allow a remote attacker to conduct spoofing attacks.
CVE-2021-34517
Microsoft SharePoint Server could allow a remote attacker to conduct spoofing attacks.
CVE-2021-34466
Microsoft Windows could allow a local attacker to bypass security restrictions, caused by a flaw in the Hello Security Feature. An attacker could exploit this vulnerability to bypass security feature to cause an impact on confidentiality and integrity.
CVE-2021-33783
Microsoft Windows could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the SMB. By executing a specially-crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
Impact
- Bypass security
- Code Execution
- Denial of Service
- Information Theft
- Unauthorized Access
Affected Vendors
Microsoft
Affected Products
- Microsoft Malware Protection Engine
- Microsoft Exchange Server 2016 CU21
- Microsoft Exchange Server 2019 CU10
- Microsoft Windows 10 1809 for x64-based Systems
- Microsoft Windows Server 2019
- Microsoft Windows 10 1809 for ARM64-based Systems
- Microsoft Windows Server 2012
- Microsoft Windows 10 x64
- Microsoft Windows Server 2016
- Microsoft Windows 7 SP1 x64
- Microsoft Office Online Server
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Enterprise Server 2016
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.