CVE-2021-26414
published 2021-06-08CVE-2021-26414: Windows DCOM Server Security Feature Bypass Windows DCOM Server Security Feature Bypass
medium4.8
Windows DCOM Server Security Feature Bypass
Windows DCOM Server Security Feature Bypass
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_version_1507 | >= 10.0.0 < 10.0.10240.19802 | 10.0.10240.19802 |
| microsoft | windows_10_version_1607 | >= 10.0.0 < 10.0.14393.5786 | 10.0.14393.5786 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.4131 | 10.0.17763.4131 |
| microsoft | windows_10_version_1909 | >= 10.0.0 < 10.0.18363.2344 | 10.0.18363.2344 |
| microsoft | windows_10_version_20h2 | >= 10.0.0 < 10.0.19042.2728 | 10.0.19042.2728 |
| microsoft | windows_10_version_21h1 | >= 10.0.0 < 10.0.19043.1766 | 10.0.19043.1766 |
| microsoft | windows_10_version_21h2 | >= 10.0.0 < 10.0.19044.2728 | 10.0.19044.2728 |
| microsoft | windows_11_version_21h2 | >= 10.0.0 < 10.0.22000.1696 | 10.0.22000.1696 |
| microsoft | windows_7 | >= 6.1.0 < 6.1.7601.25984 | 6.1.7601.25984 |
| microsoft | windows_7_service_pack_1 | >= 6.1.0 < 6.1.7601.25984 | 6.1.7601.25984 |
| microsoft | windows_8.1 | >= 6.3.0 < 6.3.9600.20402 | 6.3.9600.20402 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.0.0 < 6.1.7601.26415 | 6.1.7601.26415 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.0 < 6.1.7601.26415 | 6.1.7601.26415 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.0 < 6.0.6003.21966 | 6.0.6003.21966 |
| microsoft | windows_server_2012 | >= 6.2.0 < 6.2.9200.24168 | 6.2.9200.24168 |
| microsoft | windows_server_2012_r2 | >= 6.3.0 < 6.3.9600.20865 | 6.3.9600.20865 |
| microsoft | windows_server_2016 | >= 10.0.0 < 10.0.14393.5786 | 10.0.14393.5786 |
| microsoft | windows_server_2019 | >= 10.0.0 < 10.0.17763.4131 | 10.0.17763.4131 |
| microsoft | windows_server_2022 | >= 10.0.0 < 10.0.20348.1607 | 10.0.20348.1607 |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_1909 | — | — |
| msrc | windows_10_version_20h2 | — | — |
| msrc | windows_10_version_21h1 | — | — |
CISA ICS
Rockwell Automation FactoryTalk Service Platform
cisa_ics·2024-01-30·CVSS 4.8
[MEDIUM] Rockwell Automation FactoryTalk Service Platform
ICS Advisory
##
Rockwell Automation FactoryTalk Service Platform
Release DateJanuary 30, 2024
Alert CodeICSA-24-030-06
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Rockwell Automation
- Equipment: FactoryTalk Service Platform
- Vulnerability: Improper Verification of Cryptographic Signature
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to retrieve user information and modify settings without any authentication.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following Rockwell Automation products are affected:
- FactoryTalk Service Platform: Versions prior to v6.4
## 3.2 Vulnerability Overview
3.2.1 IMPROPER VERIFICATION OF CRYPTOGR
Microsoft
Windows DCOM Server Security Feature Bypass
vendor_msrc·2021-06-08·CVSS 4.8
CVE-2021-26414 [MEDIUM] Windows DCOM Server Security Feature Bypass
Windows DCOM Server Security Feature Bypass
FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.
FAQ: Do I need to take further steps to be protected from this vulnerability?
Yes. The security updates released on June 8, 2021 enable RPC_C_AUTHN_LEVEL_PKT_INTEGRITY on DCOM clients by default and provide full protection a
CVEList
Windows DCOM Server Security Feature Bypass
cvelistv5·2021-06-08·CVSS 4.8
CVE-2021-26414 [MEDIUM] Windows DCOM Server Security Feature Bypass
Windows DCOM Server Security Feature Bypass
Windows DCOM Server Security Feature Bypass
No detection rules found.
No public exploits indexed.
2021-06-08
Published