Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2021-42278
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 10 November 2021
Badges
What is CVE-2021-42278?
Active Directory Domain Services Elevation of Privilege Vulnerability
CISA has reported CVE-2021-42278
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2021-42278 as being exploited and is known by the CISA as enabling ransomware campaigns.
The CISA's recommendation is: Apply updates per vendor instructions.
Affected Version(s)
Windows Server 2008 Service Pack 2 x64-based Systems 6.0.0 < 6.0.6003.21282
Windows Server 2008 R2 Service Pack 1 (Server Core installation) x64-based Systems 6.0.0 < 6.1.7601.25769
Windows Server 2008 R2 Service Pack 1 x64-based Systems 6.1.0 < 6.1.7601.25769
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
70% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- π°
Used in Ransomware
- π¦
CISA Reported
- π‘
Public PoC available
- πΎ
Exploit known to exist
Vulnerability published
Vulnerability Reserved