Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability
CVE-2021-36949

7.1HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Azure Active Directory Connect 1.x.y.z; Azure Active Directory Connect Provisioning Agent; Microsoft Azure Active Directory Connect 2.0.x.y
Vendor: CVE Published:; 12 August 2021

🔔 Create Microsoft Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2021-36949?

Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability

Affected Version(s)

Azure Active Directory Connect Provisioning Agent Unknown 1.1.0.0 < 1.1.582.0

Microsoft Azure Active Directory Connect 1.X.Y.Z Unknown 1.0.0.0 < 1.6.11.3

Microsoft Azure Active Directory Connect 2.0.X.Y Unknown 2.0.0.0 < 2.0.8.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Check-AAD-Connect-for-CVE-2021-36949-vulnerability
Created by Maxwitat

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Aug 14, 2021
👾
Exploit known to exist
Aug 14, 2021
Vulnerability published
Aug 12, 2021
Vulnerability Reserved
Jul 19, 2021