Microsoft security update-CVE-2021-35247

February 1, 2022

NAME

MicrosoftWindows

  • Platforms Affected:
    Windows

  • Risk Level:
    low

  • CVE Type:
    RCE

DESCRIPTION

CVE-2021-35247 is a remote code execution (RCE) vulnerability impacting multiple products and versions of Microsoft Windows. A proof of concept (PoC) was observed in open source and a link to a PoC was shared in the underground.

CVSS Information:

  • CVSS 2.0 SCORE:
  • CVSS 3.0 SCORE: 9.8

  • Exploit Disclosed in the Public:
    true

  • Exploit Weaponised:


  • PoC Link:
    hXXps://packetstormsecurity[.]com/files/165566/HTTP-Protocol-Stack-Denial-Of-Service-Remote-Code-Execution[.]html

MITIGATION

Microsoft addressed the vulnerability in a security advisory with a patch.

  • Reference Link:
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21907

  • Patch Available:
    available

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2

You may have missed

image

[INCRANSOM] – Ransomware Victim: Darlington EMS

November 23, 2024
image

[INCRANSOM] – Ransomware Victim: Schuck-Gruppe

November 23, 2024
image

[APT73] – Ransomware Victim: gureco[.]pl

November 23, 2024
image

[APT73] – Ransomware Victim: lgpunjab[.]gov[.]in

November 23, 2024
image

[INCRANSOM] – Ransomware Victim: IPE Engwicht

November 23, 2024