Security I Trust

Windows TCP/IP Remote Code Execution Vulnerability – CVE-2021-24074

 

CVE CVE-2021-24074
Published 09-Feb-21
Severity: Severe
Details: Windows TCP/IP Remote Code Execution Vulnerability
CVSS Score 4.4
CVSSv3 Score 9.8
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction The vulnerable system can be exploited without any interaction from a user
Impact
Impact on Confidentiality High
Impact on Integrity High
Impact to Availability High
Exploit Code in the Wild Unproven
Exploit Code Maturity Unproven
Remediation Level Vendor Patch
Exploitability Assessment This vulnerability is complex so that makes it difficult when creating an exploit. In the short-term widespread attack are predicted as being low. But when exploit code become available attacks could become widespread s this vulnerability can result in financial gain for an attacker.
Affected OS Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2
Windows 10 Version 2004
Windows Server, version 1909
Windows Server 2012 R2
Windows Server 2012
Windows Server 2008 R2
Windows Server 2008
Windows 8.1
Windows 7
Windows Server 2016
Windows 10 Version 1607
Windows Server 2019
Windows 10 Version 1803

 

Leave a Reply