CVE-2021-1733
published 2021-02-25CVE-2021-1733: Sysinternals PsExec Elevation of Privilege Vulnerability
PriorityP278high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.52%
39.9th percentile
Sysinternals PsExec Elevation of Privilege Vulnerability
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | psexec | < publication | publication |
| msrc | psexec | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability affects Sysinternals PsExec; monitor for PsExec usage in environments where privilege escalation is a concern, particularly versions prior to v2.32 ↗
- ·Only PsExec versions prior to v2.32 are vulnerable; v2.32 and later are patched ↗
- ·Vulnerability is publicly disclosed but not yet exploited in the wild at time of advisory; exploitation assessed as Less Likely for both latest and older software releases ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vulncheck7.8HIGH
vendor_msrc7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Sysinternals PsExec Elevation of Privilege Vulnerability
vendor_msrc·2021-02-09·CVSS 7.8
CVE-2021-1733 [HIGH] Sysinternals PsExec Elevation of Privilege Vulnerability
Sysinternals PsExec Elevation of Privilege Vulnerability
FAQ: What version of PSExec contains the update to resolve this vulnerability?
PsExec v2.32 is not longer affected by this vulneratiblity.
SysInternals: SysInternals
Microsoft: Microsoft
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Remediation: Release Notes
Reference: https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
GHSA
GHSA-w8qf-q3qr-cmvm: Sysinternals PsExec Elevation of Privilege Vulnerability
ghsa_unreviewed·2022-05-24
CVE-2021-1733 [HIGH] CWE-269 GHSA-w8qf-q3qr-cmvm: Sysinternals PsExec Elevation of Privilege Vulnerability
Sysinternals PsExec Elevation of Privilege Vulnerability
VulnCheck
Microsoft psexec Improper Privilege Management
vulncheck·2021·CVSS 7.8
CVE-2021-1733 [HIGH] Microsoft psexec Improper Privilege Management
Microsoft psexec Improper Privilege Management
Sysinternals PsExec Elevation of Privilege Vulnerability
Affected: Microsoft psexec
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://medium.com/s2wblog/detailed-analysis-of-darkgate-investigating-new-top-trend-backdoor-malware-0545ecf5f606
No detection rules found.
No public exploits indexed.
Trendmicro
February Patch Tuesday Fixes 11 Critical Bugs
blogs_trendmicro·2021-02-10·CVSS 9.8
[CRITICAL] February Patch Tuesday Fixes 11 Critical Bugs
Exploits & Vulnerabilities
# February Patch Tuesday Fixes 11 Critical Bugs
Microsoft fixed 56 vulnerabilities - 11 of them rated Critical - in the February Patch Tuesday cycle.
By: Trend Micro
2021/02/10
Read time: ( words)
Save to Folio
February’s Patch Tuesday fixes a total of 56 vulnerabilities, with 11 of these being rated as Critical by Microsoft. This represents a decline both from January’s total of 83 vulnerabilities, as well as that of the same month in 2020, which had 99. Six of these vulnerabilities had been disclosed publicly, with a separate vulnerability being already exploited beforehand. Seven of these vulnerabilities were disclosed via the Zero Day Initiative (ZDI).
Fixed Critical Vulnerabilities: Networking components, Codecs
The nine Critical vulnerabilities are
Tenable
Microsoft’s February 2021 Patch Tuesday Addresses 56 CVEs (CVE-2021-24074, CVE-2021-24094, CVE-2021-24086)
blogs_tenable·2021-02-09·CVSS 9.8
[CRITICAL] Microsoft’s February 2021 Patch Tuesday Addresses 56 CVEs (CVE-2021-24074, CVE-2021-24094, CVE-2021-24086)
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
2021-02-25
Published
Exploited in the wild