Vulnerability-Lookup

CVE-2021-31166 (GCVE-0-2021-31166)

Vulnerability from cvelistv5 – Published: 2021-05-11 19:11 – Updated: 2025-10-21 23:25

CISA KEV KEVintel KEV

Title

HTTP Protocol Stack Remote Code Execution Vulnerability

Summary

HTTP Protocol Stack Remote Code Execution Vulnerability

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC

Exploitation: active Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

Remote Code Execution
CWE-416 - Use After Free

Assigner

microsoft

References

3 references

URL	Tags
https://portal.msrc.microsoft.com/en-US/security-…	x_refsource_MISC
http://packetstormsecurity.com/files/162722/Micro…	x_refsource_MISC
https://www.cisa.gov/known-exploited-vulnerabilit…	government-resource

Impacted products

4 products

Vendor	Product	Version
Microsoft	Windows 10 Version 2004	Affected: 10.0.0 , < 10.0.19041.982 (custom) cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.982::::::x64:
Microsoft	Windows Server version 2004	Affected: 10.0.0 , < 10.0.19041.982 (custom) cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.982:::::::*
Microsoft	Windows 10 Version 20H2	Affected: 10.0.0 , < 10.0.19042.982 (custom) cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982::::::x86: cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982::::::arm64:
Microsoft	Windows Server version 20H2	Affected: 10.0.0 , < 10.0.19042.982 (custom) cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.982:::::::*

Date Public

2021-05-11 07:00

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: cc656da8-bb7b-4267-8519-01fa39a58e99

Vulnerability ID: CVE-2021-31166

Status: Confirmed

Status Updated: 2022-04-06 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2022-04-06

Asserted: 2022-04-06

Scope

Notes: KEV entry: Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability | Affected: Microsoft / HTTP Protocol Stack | Description: Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution. | Required action: Apply updates per vendor instructions. | Due date: 2022-04-27 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2021-31166

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-416
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	HTTP Protocol Stack
Due Date	2022-04-27
Date Added	2022-04-06
Vendorproject	Microsoft
Vulnerabilityname	Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2021-31166

Created: 2026-02-02 12:27 UTC | Updated: 2026-02-06 07:17 UTC

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 8de1af71-a8f4-44c9-b019-d727b1ec3a03

Vulnerability ID: CVE-2021-31166

Status: Confirmed

Status Updated: 2022-04-06 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2022-04-06

Asserted: 2022-04-06

Scope

Notes: KEVIntel entry: HTTP Protocol Stack Remote Code Execution Vulnerability | Affected: Microsoft / Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2 | CVSS: 9.8 (CRITICAL) | Used in malware: unknown | Not yet in CISA KEV: False

Evidence

Type: Public Report

Signal: Successful Exploitation

Confidence: 70%

Source: kevintel

Details

Feed	KEVIntel (kevintel.com)
Title	HTTP Protocol Stack Remote Code Execution Vulnerability
Vendor	Microsoft
Product	Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2
Added Date	2022-04-06T00:00:00.000Z
Cvss Score	9.8
Epss Score	None
Cvss Severity	CRITICAL
Epss Percentile	None
Used In Malware	unknown
Ahead Of Cisa Kev	None
Not Yet In Cisa Kev	False

References

Created: 2026-06-19 12:47 UTC | Updated: 2026-06-19 12:47 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:55:52.129Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-31166",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T14:36:57.411562Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-04-06",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:25:45.988Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-04-06T00:00:00.000Z",
            "value": "CVE-2021-31166 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.982:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.982:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.982:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-05-11T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "HTTP Protocol Stack Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-28T23:56:49.266Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
        }
      ],
      "title": "HTTP Protocol Stack Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-31166",
    "datePublished": "2021-05-11T19:11:19.000Z",
    "dateReserved": "2021-04-14T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:25:45.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2021-31166",
      "cwes": "[\"CWE-416\"]",
      "dateAdded": "2022-04-06",
      "dueDate": "2022-04-27",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2021-31166",
      "product": "HTTP Protocol Stack",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability"
    },
    "epss": {
      "cve": "CVE-2021-31166",
      "date": "2026-06-19",
      "epss": "0.99657",
      "percentile": "0.99947"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-04-27",
      "cisaExploitAdd": "2022-04-06",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.19041.982\", \"matchCriteriaId\": \"F170C517-0312-457D-9108-ECA6638C8223\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.19042.982\", \"matchCriteriaId\": \"957F366C-FD59-479A-A6C5-F93E35436549\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.19041.982\", \"matchCriteriaId\": \"BD0A39ED-F4B4-4C2D-BDB4-088426F2377B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.19042.982\", \"matchCriteriaId\": \"F42A77A0-2B44-4C08-8BBB-851B22AED6E8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"HTTP Protocol Stack Remote Code Execution Vulnerability\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de Ejecuci\\u00f3n de C\\u00f3digo Remota de HTTP Protocol Stack\"}]",
      "id": "CVE-2021-31166",
      "lastModified": "2024-11-21T06:05:13.067",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-05-11T19:15:09.300",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-31166\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2021-05-11T19:15:09.300\",\"lastModified\":\"2025-10-30T19:55:18.167\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HTTP Protocol Stack Remote Code Execution Vulnerability\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota de HTTP Protocol Stack\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-04-06\",\"cisaActionDue\":\"2022-04-27\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19041.982\",\"matchCriteriaId\":\"F170C517-0312-457D-9108-ECA6638C8223\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19042.982\",\"matchCriteriaId\":\"957F366C-FD59-479A-A6C5-F93E35436549\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19041.982\",\"matchCriteriaId\":\"BD0A39ED-F4B4-4C2D-BDB4-088426F2377B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19042.982\",\"matchCriteriaId\":\"F42A77A0-2B44-4C08-8BBB-851B22AED6E8\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T22:55:52.129Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-31166\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T14:36:57.411562Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-04-06\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-04-06T00:00:00.000Z\", \"value\": \"CVE-2021-31166 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T14:37:11.441Z\"}}], \"cna\": {\"title\": \"HTTP Protocol Stack Remote Code Execution Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.982:*:*:*:*:*:x64:*\"], \"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 2004\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.19041.982\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.982:*:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Windows Server version 2004\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.19041.982\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:x86:*\", \"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:arm64:*\"], \"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 20H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.19042.982\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.982:*:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Windows Server version 20H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.19042.982\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2021-05-11T07:00:00.000Z\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"HTTP Protocol Stack Remote Code Execution Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"Impact\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2023-12-28T23:56:49.266Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-31166\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:25:45.988Z\", \"dateReserved\": \"2021-04-14T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2021-05-11T19:11:19.000Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2021-ALE-009

Vulnerability from certfr_alerte - Published: - Updated:

[version du 21 mai 2021]

Le CERT-FR a connaissance de l'existence de codes d'attaques publics provoquant un déni de service sur l'équipement ciblé. Il est fortement recommandé de mettre à jour les postes de travail et les serveurs installés avec les versions du système d'exploitation affectées par cette vulnérabilité.

[version initiale]

Le système d'exploitation Microsoft Windows propose un service de gestion des requêtes HTTP sous la forme d'un pilote en mode noyau appelé http.sys. Une vulnérabilité a été découverte dans ce pilote pour Windows Server et Windows 10. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et l'éditeur considère qu'elle peut être exploitée dans le cadre d'attaques à propagation de type "ver informatique".

Le pilote http.sys est notamment utilisé par Microsoft IIS, le service Windows Remote Management (WinRM) ainsi que le service SSDP. Il est donc présent sur les serveurs mais également sur les postes de travail. Par conséquent, le CERT-FR recommande de considérer que l'ensemble des machines utilisant une version de Windows affectée est vulnérable.

La vulnérabilité a été découverte par l'éditeur, cependant la probabilité que des codes d'attaques soient mis au point rapidement est très élevée.

Solution

Le CERT-FR recommande de procéder sans délai à la mise à jour des systèmes d'exploitation affectés en commençant par les machines exposées sur des réseaux non sécurisés.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows 10 version 20H2
Microsoft	Windows	Windows Server version 2004
Microsoft	Windows	Windows Server version 20H2
Microsoft	Windows	Windows 10 version 2004

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2021-31166 du 11 mai 2021	None	vendor-advisory
Avis de sécurité CERT-FR CERTFR-2021-AVI-367 du 12 mai 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows 10 version 20H2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server version 2004",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server version 20H2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 version 2004",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2021-06-10",
  "content": "## Solution\n\n**Le CERT-FR recommande de proc\u00e9der sans d\u00e9lai \u00e0 la mise \u00e0 jour des\nsyst\u00e8mes d\u0027exploitation affect\u00e9s en commen\u00e7ant par les machines expos\u00e9es\nsur des r\u00e9seaux non s\u00e9curis\u00e9s.**\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-31166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31166"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-ALE-009",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-05-12T00:00:00.000000"
    },
    {
      "description": "Des codes d\u0027attaques sont d\u00e9sormais publics.",
      "revision_date": "2021-05-21T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2021-06-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[version du 21 mai 2021\\]\u003c/strong\u003e\n\nLe CERT-FR a connaissance de l\u0027existence de codes d\u0027attaques publics\nprovoquant un d\u00e9ni de service sur l\u0027\u00e9quipement cibl\u00e9. Il est fortement\nrecommand\u00e9 de mettre \u00e0 jour les postes de travail et les serveurs\ninstall\u00e9s avec les versions du syst\u00e8me d\u0027exploitation affect\u00e9es par\ncette vuln\u00e9rabilit\u00e9.\n\n\u003cstrong\u003e\\[version initiale\\]\u003c/strong\u003e\n\nLe syst\u00e8me d\u0027exploitation Microsoft Windows propose un service de\ngestion des requ\u00eates HTTP sous la forme d\u0027un pilote en mode noyau appel\u00e9\nhttp.sys. Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans ce pilote pour Windows\nServer et Windows 10. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance et l\u0027\u00e9diteur consid\u00e8re qu\u0027elle\npeut \u00eatre exploit\u00e9e dans le cadre d\u0027attaques \u00e0 propagation de type \"ver\ninformatique\".\n\nLe pilote http.sys est notamment utilis\u00e9 par Microsoft IIS, le service\nWindows Remote Management (WinRM) ainsi que le service SSDP. Il est donc\npr\u00e9sent sur les serveurs mais \u00e9galement sur les postes de travail. Par\ncons\u00e9quent, le CERT-FR recommande de consid\u00e9rer que l\u0027ensemble des\nmachines utilisant une version de Windows affect\u00e9e est vuln\u00e9rable.\n\nLa vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte par l\u0027\u00e9diteur, cependant la\nprobabilit\u00e9 que des codes d\u0027attaques soient mis au point rapidement est\ntr\u00e8s \u00e9lev\u00e9e.\n",
  "title": "[M\u00e0J] Vuln\u00e9rabilit\u00e9 dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-31166 du 11 mai 2021",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31166"
    },
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 CERT-FR CERTFR-2021-AVI-367 du 12 mai 2021",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2021-AVI-367/"
    }
  ]
}

CERTFR-2021-ALE-009

Vulnerability from certfr_alerte - Published: - Updated:

[version du 21 mai 2021]

[version initiale]

La vulnérabilité a été découverte par l'éditeur, cependant la probabilité que des codes d'attaques soient mis au point rapidement est très élevée.

Solution

Le CERT-FR recommande de procéder sans délai à la mise à jour des systèmes d'exploitation affectés en commençant par les machines exposées sur des réseaux non sécurisés.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows 10 version 20H2
Microsoft	Windows	Windows Server version 2004
Microsoft	Windows	Windows Server version 20H2
Microsoft	Windows	Windows 10 version 2004

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2021-31166 du 11 mai 2021	None	vendor-advisory
Avis de sécurité CERT-FR CERTFR-2021-AVI-367 du 12 mai 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows 10 version 20H2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server version 2004",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server version 20H2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 version 2004",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2021-06-10",
  "content": "## Solution\n\n**Le CERT-FR recommande de proc\u00e9der sans d\u00e9lai \u00e0 la mise \u00e0 jour des\nsyst\u00e8mes d\u0027exploitation affect\u00e9s en commen\u00e7ant par les machines expos\u00e9es\nsur des r\u00e9seaux non s\u00e9curis\u00e9s.**\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-31166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31166"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-ALE-009",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-05-12T00:00:00.000000"
    },
    {
      "description": "Des codes d\u0027attaques sont d\u00e9sormais publics.",
      "revision_date": "2021-05-21T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2021-06-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[version du 21 mai 2021\\]\u003c/strong\u003e\n\nLe CERT-FR a connaissance de l\u0027existence de codes d\u0027attaques publics\nprovoquant un d\u00e9ni de service sur l\u0027\u00e9quipement cibl\u00e9. Il est fortement\nrecommand\u00e9 de mettre \u00e0 jour les postes de travail et les serveurs\ninstall\u00e9s avec les versions du syst\u00e8me d\u0027exploitation affect\u00e9es par\ncette vuln\u00e9rabilit\u00e9.\n\n\u003cstrong\u003e\\[version initiale\\]\u003c/strong\u003e\n\nLe syst\u00e8me d\u0027exploitation Microsoft Windows propose un service de\ngestion des requ\u00eates HTTP sous la forme d\u0027un pilote en mode noyau appel\u00e9\nhttp.sys. Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans ce pilote pour Windows\nServer et Windows 10. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance et l\u0027\u00e9diteur consid\u00e8re qu\u0027elle\npeut \u00eatre exploit\u00e9e dans le cadre d\u0027attaques \u00e0 propagation de type \"ver\ninformatique\".\n\nLe pilote http.sys est notamment utilis\u00e9 par Microsoft IIS, le service\nWindows Remote Management (WinRM) ainsi que le service SSDP. Il est donc\npr\u00e9sent sur les serveurs mais \u00e9galement sur les postes de travail. Par\ncons\u00e9quent, le CERT-FR recommande de consid\u00e9rer que l\u0027ensemble des\nmachines utilisant une version de Windows affect\u00e9e est vuln\u00e9rable.\n\nLa vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte par l\u0027\u00e9diteur, cependant la\nprobabilit\u00e9 que des codes d\u0027attaques soient mis au point rapidement est\ntr\u00e8s \u00e9lev\u00e9e.\n",
  "title": "[M\u00e0J] Vuln\u00e9rabilit\u00e9 dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-31166 du 11 mai 2021",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31166"
    },
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 CERT-FR CERTFR-2021-AVI-367 du 12 mai 2021",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2021-AVI-367/"
    }
  ]
}

CERTFR-2021-AVI-367

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer une élévation de privilèges, une exécution de code à distance, une atteinte à la confidentialité des données, une usurpation d'identité, un déni de service et un contournement de la fonctionnalité de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows 10 Version 2004 pour systèmes 32 bits
Microsoft	Windows	Windows 10 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour systèmes x64
Microsoft	Windows	Windows Server 2019 (Server Core installation)
Microsoft	Windows	Windows Server, version 2004 (Server Core installation)
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows 10 Version 1803 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1803 pour systèmes x64
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 20H2 pour systèmes x64
Microsoft	Windows	Windows Server 2016 (Server Core installation)
Microsoft	Windows	Windows RT 8.1
Microsoft	Windows	Windows 7 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows 10 Version 1809 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 2004 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1909 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 20H2 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64
Microsoft	Windows	Windows Server 2012 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1803 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows Server, version 1909 (Server Core installation)
Microsoft	Windows	Windows 10 Version 2004 pour systèmes x64
Microsoft	Windows	Windows 8.1 pour systèmes x64
Microsoft	Windows	Windows Server 2016
Microsoft	Windows	Windows 8.1 pour systèmes 32 bits
Microsoft	Windows	Windows Server, version 20H2 (Server Core Installation)
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation)
Microsoft	Windows	Windows 10 Version 20H2 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation)
Microsoft	Windows	Windows 10 pour systèmes 32 bits
Microsoft	Windows	Windows 7 pour systèmes 32 bits Service Pack 1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 11 mai 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 2004 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 2004 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 2004 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1909 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 2004 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 20H2 (Server Core Installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes 32 bits Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-31167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31167"
    },
    {
      "name": "CVE-2021-31192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31192"
    },
    {
      "name": "CVE-2021-31188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31188"
    },
    {
      "name": "CVE-2020-24587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
    },
    {
      "name": "CVE-2021-31186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31186"
    },
    {
      "name": "CVE-2021-31168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31168"
    },
    {
      "name": "CVE-2021-31190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31190"
    },
    {
      "name": "CVE-2021-31165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31165"
    },
    {
      "name": "CVE-2021-31208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31208"
    },
    {
      "name": "CVE-2021-31182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31182"
    },
    {
      "name": "CVE-2021-28455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28455"
    },
    {
      "name": "CVE-2021-31194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31194"
    },
    {
      "name": "CVE-2021-31191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31191"
    },
    {
      "name": "CVE-2021-31187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31187"
    },
    {
      "name": "CVE-2020-24588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
    },
    {
      "name": "CVE-2021-31166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31166"
    },
    {
      "name": "CVE-2020-26144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
    },
    {
      "name": "CVE-2021-31170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31170"
    },
    {
      "name": "CVE-2021-31185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31185"
    },
    {
      "name": "CVE-2021-31184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31184"
    },
    {
      "name": "CVE-2021-28476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28476"
    },
    {
      "name": "CVE-2021-31193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31193"
    },
    {
      "name": "CVE-2021-28479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28479"
    },
    {
      "name": "CVE-2021-31169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31169"
    },
    {
      "name": "CVE-2021-31205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31205"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-367",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-05-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une ex\u00e9cution de code \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une usurpation\nd\u0027identit\u00e9, un d\u00e9ni de service et un contournement de la fonctionnalit\u00e9\nde s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 11 mai 2021",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2021-AVI-622

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	Modicon et PLC Simulator (suivre la procédure de contournement décrite dans le bulletin SEVD-2021-222-04)
Schneider Electric	N/A	Pro-face GP-Pro EX versions antérieures à V4.09.300
Schneider Electric	N/A	Vijeo Designer versions antérieures à V6.2 SP11
Schneider Electric	N/A	EcoStruxure Process Expert toutes versions (inclus HDCS) et SCADAPack RemoteConnect pour x70 (suivre la procédure de contournement décrite dans le bulletin SEVD-2021-222-02)
Schneider Electric	N/A	AccuSine PCS+ / PFV+ versions antérieures à V1.6.7
Schneider Electric	N/A	Vijeo Designer Basic versions antérieures à V1.2
Schneider Electric	N/A	EcoStruxure Control Expert versions antérieures à V15.0 SP1 (suivre la procédure de remédiation décrite dans le bulletin SEVD-2021-222-02)
Schneider Electric	N/A	AccuSine PCSn versions antérieures à V2.2.4
Schneider Electric	N/A	EcoStruxure Machine Expert versions antérieures à V2.0
Schneider Electric	N/A	SHAIIS-MT-111, SHASU-MT-107, SHFK-MT et SHFK-MT-104 sans le dernier correctif pour Windows
Schneider Electric	N/A	Programmable Automation Controller (PacDrive) M versions antérieures à 3 (suivre la procédure de contournement décrite dans le bulletin SEVD-2021-222-06)

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider Electric SEVD-2021-222-08 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-07 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-03 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-01 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-05 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-04 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-02 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-06 du 10 août 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Modicon et PLC Simulator (suivre la proc\u00e9dure de contournement d\u00e9crite dans le bulletin SEVD-2021-222-04)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Pro-face GP-Pro EX versions ant\u00e9rieures \u00e0 V4.09.300",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Vijeo Designer versions ant\u00e9rieures \u00e0 V6.2 SP11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "EcoStruxure Process Expert toutes versions (inclus HDCS) et SCADAPack RemoteConnect pour x70 (suivre la proc\u00e9dure de contournement d\u00e9crite dans le bulletin SEVD-2021-222-02)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "AccuSine PCS+ / PFV+ versions ant\u00e9rieures \u00e0 V1.6.7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Vijeo Designer Basic versions ant\u00e9rieures \u00e0 V1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "EcoStruxure Control Expert versions ant\u00e9rieures \u00e0 V15.0 SP1 (suivre la proc\u00e9dure de rem\u00e9diation d\u00e9crite dans le bulletin SEVD-2021-222-02)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "AccuSine PCSn versions ant\u00e9rieures \u00e0 V2.2.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "EcoStruxure Machine Expert versions ant\u00e9rieures \u00e0 V2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "SHAIIS-MT-111, SHASU-MT-107, SHFK-MT et SHFK-MT-104 sans le dernier correctif pour Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Programmable Automation Controller (PacDrive) M versions ant\u00e9rieures \u00e0 3 (suivre la proc\u00e9dure de contournement d\u00e9crite dans le bulletin SEVD-2021-222-06)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-21814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21814"
    },
    {
      "name": "CVE-2021-34527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34527"
    },
    {
      "name": "CVE-2021-22791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22791"
    },
    {
      "name": "CVE-2021-21830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21830"
    },
    {
      "name": "CVE-2021-21828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21828"
    },
    {
      "name": "CVE-2021-21810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21810"
    },
    {
      "name": "CVE-2021-21813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21813"
    },
    {
      "name": "CVE-2021-22790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22790"
    },
    {
      "name": "CVE-2021-21825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21825"
    },
    {
      "name": "CVE-2021-21829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21829"
    },
    {
      "name": "CVE-2021-31166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31166"
    },
    {
      "name": "CVE-2021-1675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-1675"
    },
    {
      "name": "CVE-2021-21826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21826"
    },
    {
      "name": "CVE-2021-21812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21812"
    },
    {
      "name": "CVE-2021-30186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30186"
    },
    {
      "name": "CVE-2021-21827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21827"
    },
    {
      "name": "CVE-2021-30188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30188"
    },
    {
      "name": "CVE-2021-22789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22789"
    },
    {
      "name": "CVE-2021-21815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21815"
    },
    {
      "name": "CVE-2021-22792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22792"
    },
    {
      "name": "CVE-2021-22793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22793"
    },
    {
      "name": "CVE-2021-22704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22704"
    },
    {
      "name": "CVE-2021-30195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30195"
    },
    {
      "name": "CVE-2021-21811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21811"
    },
    {
      "name": "CVE-2021-22775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22775"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-622",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\nex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-08 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-08"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-07 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-03 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-03"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-01 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-05 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-04 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-02 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-02"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-06 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
    }
  ]
}

CERTFR-2021-AVI-367

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows 10 Version 2004 pour systèmes 32 bits
Microsoft	Windows	Windows 10 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour systèmes x64
Microsoft	Windows	Windows Server 2019 (Server Core installation)
Microsoft	Windows	Windows Server, version 2004 (Server Core installation)
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows 10 Version 1803 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1803 pour systèmes x64
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 20H2 pour systèmes x64
Microsoft	Windows	Windows Server 2016 (Server Core installation)
Microsoft	Windows	Windows RT 8.1
Microsoft	Windows	Windows 7 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows 10 Version 1809 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 2004 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1909 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 20H2 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64
Microsoft	Windows	Windows Server 2012 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1803 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows Server, version 1909 (Server Core installation)
Microsoft	Windows	Windows 10 Version 2004 pour systèmes x64
Microsoft	Windows	Windows 8.1 pour systèmes x64
Microsoft	Windows	Windows Server 2016
Microsoft	Windows	Windows 8.1 pour systèmes 32 bits
Microsoft	Windows	Windows Server, version 20H2 (Server Core Installation)
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation)
Microsoft	Windows	Windows 10 Version 20H2 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation)
Microsoft	Windows	Windows 10 pour systèmes 32 bits
Microsoft	Windows	Windows 7 pour systèmes 32 bits Service Pack 1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 11 mai 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 2004 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 2004 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 2004 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1909 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 2004 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 20H2 (Server Core Installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes 32 bits Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-31167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31167"
    },
    {
      "name": "CVE-2021-31192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31192"
    },
    {
      "name": "CVE-2021-31188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31188"
    },
    {
      "name": "CVE-2020-24587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
    },
    {
      "name": "CVE-2021-31186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31186"
    },
    {
      "name": "CVE-2021-31168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31168"
    },
    {
      "name": "CVE-2021-31190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31190"
    },
    {
      "name": "CVE-2021-31165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31165"
    },
    {
      "name": "CVE-2021-31208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31208"
    },
    {
      "name": "CVE-2021-31182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31182"
    },
    {
      "name": "CVE-2021-28455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28455"
    },
    {
      "name": "CVE-2021-31194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31194"
    },
    {
      "name": "CVE-2021-31191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31191"
    },
    {
      "name": "CVE-2021-31187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31187"
    },
    {
      "name": "CVE-2020-24588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
    },
    {
      "name": "CVE-2021-31166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31166"
    },
    {
      "name": "CVE-2020-26144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
    },
    {
      "name": "CVE-2021-31170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31170"
    },
    {
      "name": "CVE-2021-31185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31185"
    },
    {
      "name": "CVE-2021-31184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31184"
    },
    {
      "name": "CVE-2021-28476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28476"
    },
    {
      "name": "CVE-2021-31193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31193"
    },
    {
      "name": "CVE-2021-28479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28479"
    },
    {
      "name": "CVE-2021-31169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31169"
    },
    {
      "name": "CVE-2021-31205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31205"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-367",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-05-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une ex\u00e9cution de code \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une usurpation\nd\u0027identit\u00e9, un d\u00e9ni de service et un contournement de la fonctionnalit\u00e9\nde s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 11 mai 2021",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2021-AVI-622

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	Modicon et PLC Simulator (suivre la procédure de contournement décrite dans le bulletin SEVD-2021-222-04)
Schneider Electric	N/A	Pro-face GP-Pro EX versions antérieures à V4.09.300
Schneider Electric	N/A	Vijeo Designer versions antérieures à V6.2 SP11
Schneider Electric	N/A	EcoStruxure Process Expert toutes versions (inclus HDCS) et SCADAPack RemoteConnect pour x70 (suivre la procédure de contournement décrite dans le bulletin SEVD-2021-222-02)
Schneider Electric	N/A	AccuSine PCS+ / PFV+ versions antérieures à V1.6.7
Schneider Electric	N/A	Vijeo Designer Basic versions antérieures à V1.2
Schneider Electric	N/A	EcoStruxure Control Expert versions antérieures à V15.0 SP1 (suivre la procédure de remédiation décrite dans le bulletin SEVD-2021-222-02)
Schneider Electric	N/A	AccuSine PCSn versions antérieures à V2.2.4
Schneider Electric	N/A	EcoStruxure Machine Expert versions antérieures à V2.0
Schneider Electric	N/A	SHAIIS-MT-111, SHASU-MT-107, SHFK-MT et SHFK-MT-104 sans le dernier correctif pour Windows
Schneider Electric	N/A	Programmable Automation Controller (PacDrive) M versions antérieures à 3 (suivre la procédure de contournement décrite dans le bulletin SEVD-2021-222-06)

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider Electric SEVD-2021-222-08 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-07 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-03 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-01 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-05 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-04 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-02 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-06 du 10 août 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Modicon et PLC Simulator (suivre la proc\u00e9dure de contournement d\u00e9crite dans le bulletin SEVD-2021-222-04)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Pro-face GP-Pro EX versions ant\u00e9rieures \u00e0 V4.09.300",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Vijeo Designer versions ant\u00e9rieures \u00e0 V6.2 SP11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "EcoStruxure Process Expert toutes versions (inclus HDCS) et SCADAPack RemoteConnect pour x70 (suivre la proc\u00e9dure de contournement d\u00e9crite dans le bulletin SEVD-2021-222-02)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "AccuSine PCS+ / PFV+ versions ant\u00e9rieures \u00e0 V1.6.7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Vijeo Designer Basic versions ant\u00e9rieures \u00e0 V1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "EcoStruxure Control Expert versions ant\u00e9rieures \u00e0 V15.0 SP1 (suivre la proc\u00e9dure de rem\u00e9diation d\u00e9crite dans le bulletin SEVD-2021-222-02)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "AccuSine PCSn versions ant\u00e9rieures \u00e0 V2.2.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "EcoStruxure Machine Expert versions ant\u00e9rieures \u00e0 V2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "SHAIIS-MT-111, SHASU-MT-107, SHFK-MT et SHFK-MT-104 sans le dernier correctif pour Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Programmable Automation Controller (PacDrive) M versions ant\u00e9rieures \u00e0 3 (suivre la proc\u00e9dure de contournement d\u00e9crite dans le bulletin SEVD-2021-222-06)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-21814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21814"
    },
    {
      "name": "CVE-2021-34527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34527"
    },
    {
      "name": "CVE-2021-22791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22791"
    },
    {
      "name": "CVE-2021-21830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21830"
    },
    {
      "name": "CVE-2021-21828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21828"
    },
    {
      "name": "CVE-2021-21810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21810"
    },
    {
      "name": "CVE-2021-21813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21813"
    },
    {
      "name": "CVE-2021-22790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22790"
    },
    {
      "name": "CVE-2021-21825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21825"
    },
    {
      "name": "CVE-2021-21829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21829"
    },
    {
      "name": "CVE-2021-31166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31166"
    },
    {
      "name": "CVE-2021-1675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-1675"
    },
    {
      "name": "CVE-2021-21826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21826"
    },
    {
      "name": "CVE-2021-21812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21812"
    },
    {
      "name": "CVE-2021-30186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30186"
    },
    {
      "name": "CVE-2021-21827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21827"
    },
    {
      "name": "CVE-2021-30188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30188"
    },
    {
      "name": "CVE-2021-22789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22789"
    },
    {
      "name": "CVE-2021-21815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21815"
    },
    {
      "name": "CVE-2021-22792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22792"
    },
    {
      "name": "CVE-2021-22793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22793"
    },
    {
      "name": "CVE-2021-22704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22704"
    },
    {
      "name": "CVE-2021-30195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30195"
    },
    {
      "name": "CVE-2021-21811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21811"
    },
    {
      "name": "CVE-2021-22775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22775"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-622",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\nex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-08 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-08"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-07 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-03 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-03"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-01 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-05 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-04 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-02 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-02"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-06 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
    }
  ]
}

BDU:2021-02715

Vulnerability from fstec - Published: 11.05.2021

Title

Уязвимость сетевого стека HTTP Protocol Stack операционных систем Microsoft Windows, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость сетевого стека HTTP Protocol Stack операционных систем Microsoft Windows связана с использованием памяти после её освобождения. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код с помощью специально созданного HTTP запроса

Severity


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Microsoft Corp

Software Name

Windows 10 2004, Windows Server 2004 (Server Core Installation), Windows 10 20H2, Windows Server 20H2 (Server Core Installation)

Software Version

- (Windows 10 2004), - (Windows Server 2004 (Server Core Installation)), - (Windows 10 20H2), - (Windows Server 20H2 (Server Core Installation))

Possible Mitigations

Использование рекомендаций: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166

Reference

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166 https://nvd.nist.gov/vuln/detail/CVE-2021-31166 https://www.cybersecurity-help.cz/vdb/SB202105113 https://xakep.ru/2021/05/18/cve-2021-31166/ https://github.com/0vercl0k/CVE-2021-31166 https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv

CWE

CWE-416

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Windows 10 2004), - (Windows Server 2004 (Server Core Installation)), - (Windows 10 20H2), - (Windows Server 20H2 (Server Core Installation))",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.05.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "26.05.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-02715",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-31166",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Windows 10 2004, Windows Server 2004 (Server Core Installation), Windows 10 20H2, Windows Server 20H2 (Server Core Installation)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows 10 2004 - 32-bit, Microsoft Corp Windows 10 2004 - 64-bit, Microsoft Corp Windows 10 2004 - ARM64, Microsoft Corp Windows Server 2004 (Server Core Installation) - , Microsoft Corp Windows 10 20H2 - ARM64, Microsoft Corp Windows 10 20H2 - 32-bit, Microsoft Corp Windows 10 20H2 - 64-bit, Microsoft Corp Windows Server 20H2 (Server Core Installation) - ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0441\u0442\u0435\u043a\u0430 HTTP Protocol Stack \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Microsoft Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0441\u0442\u0435\u043a\u0430 HTTP Protocol Stack \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Microsoft Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0435\u0451 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e HTTP \u0437\u0430\u043f\u0440\u043e\u0441\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-31166\nhttps://www.cybersecurity-help.cz/vdb/SB202105113\nhttps://xakep.ru/2021/05/18/cve-2021-31166/\nhttps://github.com/0vercl0k/CVE-2021-31166\nhttps://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

CNVD-2021-35510

Vulnerability from cnvd - Published: 2021-05-19

Title

Microsoft HTTP.sys远程代码执行漏洞

Description

Microsoft HTTP.sys是美国微软（Microsoft）公司的一个应用协议。HTTP应用协议。 Microsoft HTTP.sys存在远程代码执行漏洞。目前没有详细漏洞细节提供。

Severity

高

Patch Name

Microsoft HTTP.sys远程代码执行漏洞的补丁

Patch Description

Microsoft HTTP.sys是美国微软（Microsoft）公司的一个应用协议。HTTP应用协议。 Microsoft HTTP.sys存在远程代码执行漏洞。目前没有详细漏洞细节提供。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-31166

Impacted products

Name
['Microsoft Windows Server 2004', 'Microsoft Windows 10 2004', 'Microsoft Windows 10 20H2', 'Microsoft Windows Server 20H2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-31166"
    }
  },
  "description": "Microsoft HTTP.sys\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u5e94\u7528\u534f\u8bae\u3002HTTP\u5e94\u7528\u534f\u8bae\u3002\n\nMicrosoft HTTP.sys\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-35510",
  "openTime": "2021-05-19",
  "patchDescription": "Microsoft HTTP.sys\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u5e94\u7528\u534f\u8bae\u3002HTTP\u5e94\u7528\u534f\u8bae\u3002\r\n\r\nMicrosoft HTTP.sys\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft HTTP.sys\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows Server 2004",
      "Microsoft Windows 10 2004",
      "Microsoft Windows 10 20H2",
      "Microsoft Windows Server 20H2"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-31166",
  "serverity": "\u9ad8",
  "submitTime": "2021-05-14",
  "title": "Microsoft HTTP.sys\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

FKIE_CVE-2021-31166

Vulnerability from fkie_nvd - Published: 2021-05-11 19:15 - Updated: 2026-06-17 03:51

CISA KEV KEVintel KEV

Severity

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

HTTP Protocol Stack Remote Code Execution Vulnerability

References

URL	Tags
secure@microsoft.com	http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166	Patch, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166	US Government Resource

Impacted products

Vendor	Product	Version
microsoft	windows_10_2004	*
microsoft	windows_10_20h2	*
microsoft	windows_server_2004	*
microsoft	windows_server_20h2	*

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.982:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.982:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.982:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "source": "secure@microsoft.com"
    }
  ],
  "cisaActionDue": "2022-04-27",
  "cisaExploitAdd": "2022-04-06",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F170C517-0312-457D-9108-ECA6638C8223",
              "versionEndExcluding": "10.0.19041.982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "957F366C-FD59-479A-A6C5-F93E35436549",
              "versionEndExcluding": "10.0.19042.982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD0A39ED-F4B4-4C2D-BDB4-088426F2377B",
              "versionEndExcluding": "10.0.19041.982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F42A77A0-2B44-4C08-8BBB-851B22AED6E8",
              "versionEndExcluding": "10.0.19042.982",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "HTTP Protocol Stack Remote Code Execution Vulnerability"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota de HTTP Protocol Stack"
    }
  ],
  "id": "CVE-2021-31166",
  "lastModified": "2026-06-17T03:51:21.910",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "secure@microsoft.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2021-31166",
          "options": [
            {
              "exploitation": "active"
            },
            {
              "automatable": "yes"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2025-02-07T14:36:57.411562Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2021-05-11T19:15:09.300",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-3MJ9-C62W-JW5W

Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2025-10-22 00:32

Details

HTTP Protocol Stack Remote Code Execution Vulnerability

Severity

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-31166"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-11T19:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "HTTP Protocol Stack Remote Code Execution Vulnerability",
  "id": "GHSA-3mj9-c62w-jw5w",
  "modified": "2025-10-22T00:32:13Z",
  "published": "2022-05-24T19:02:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31166"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-31166 (GCVE-0-2021-31166)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Public Report Successful Exploitation Confidence: 70% Source: kevintel

Details

References

Solution

Solution

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature