CVE-2021-26701
Published 2021-02-25
CVE-2021-26701: .NET Core Remote Code Execution Vulnerability
Critical · 9.8 · CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 30.31% (98.0th percentile)
Affected
26 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_visual_studio_2017_version_15.9 | >= 15.9.0 < publication | publication |
| microsoft | microsoft_visual_studio_2019_version_16.4 | >= 16.0 < publication | publication |
| microsoft | microsoft_visual_studio_2019_version_16.7 | >= 16.0.0 < publication | publication |
| microsoft | microsoft_visual_studio_2019_version_16.8 | >= 16.0 < publication | publication |
| microsoft | microsoft_visual_studio_2019_version_16.9 | >= 15.0.0 < publication | publication |
| microsoft | net_5.0 | >= 5.0.0 < publication | publication |
| microsoft | net_core_2.1 | >= 2.1 < publication | publication |
| microsoft | net_core_3.1 | >= 3.1 < publication | publication |
| microsoft | powershell_core_7.0 | >= 7.0.0 < publication | publication |
| microsoft | powershell_core_7.1 | >= 7.1.0 < publication | publication |
| microsoft | system.text.encodings.web | >= 4.0.0 < 4.5.1 | 4.5.1 |
| microsoft | system.text.encodings.web | >= 4.6.0 < 4.7.2 | 4.7.2 |
| microsoft | system.text.encodings.web | >= 5.0.0 < 5.0.1 | 5.0.1 |
| microsoft | visual_studio_2019_for_mac | >= 8.0.0 < publication | publication |
| msrc | microsoft_visual_studio_2017_version_15.9 | — | — |
| msrc | microsoft_visual_studio_2019_version_16.4 | — | — |
| msrc | microsoft_visual_studio_2019_version_16.7 | — | — |
| msrc | microsoft_visual_studio_2019_version_16.8 | — | — |
| msrc | microsoft_visual_studio_2019_version_16.9 | — | — |
| msrc | net_5.0 | — | — |
| msrc | net_core_2.1 | — | — |
| msrc | net_core_3.1 | — | — |
| msrc | powershell_core_7.0 | — | — |
| msrc | powershell_core_7.1 | — | — |
| msrc | visual_studio_2019_for_mac | — | — |
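CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| cvelistv5 | | 8.1 | HIGH | |
| ghsa | | 9.8 | CRITICAL | |
| osv | | 9.8 | CRITICAL | |
| vendor_msrc | | 8.1 | HIGH | |
| vendor_redhat | | 8.1 | HIGH | |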
OSV
.NET Core Remote Code Execution Vulnerability
osv · 2022-05-24 · CVSS 9.8
CVE-2021-24112 [CRITICAL] .NET Core Remote Code Execution Vulnerability
A remote code execution vulnerability exists when parsing certain types of graphics files. This vulnerability only exists on systems running on macOS or Linux. This CVE ID is unique from CVE-2021-26701.
GHSA
.NET Core Remote Code Execution Vulnerability
ghsa · 2022-05-24 · CVSS 9.8
CVE-2021-24112 [CRITICAL] .NET Core Remote Code Execution Vulnerability
A remote code execution vulnerability exists when parsing certain types of graphics files. This vulnerability only exists on systems running on macOS or Linux. This CVE ID is unique from CVE-2021-26701.
GHSA
.NET Core Remote Code Execution Vulnerability
ghsa · 2021-04-21 · CVSS 9.8
CVE-2021-26701 [CRITICAL] .NET Core Remote Code Execution Vulnerability
This CVE ID is unique from CVE-2021-24112.
### Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0, .NET Core 3.1, and .NET Core 2.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A remote code execution vulnerability exists in .NET 5 and .NET Core due to how text encoding is performed.
### Discussion
Discussion for this issue can be found at dotnet/runtime#49377
### Mitigation factors
Microsoft has not identified any mitigating factors for this vulnerability.
### Affected software
The vulnerable package is `System.Text.Encodings.Web`. Upgrading
OSV
.NET Core Remote Code Execution Vulnerability
osv · 2021-04-21 · CVSS 9.8
CVE-2021-26701 [CRITICAL] .NET Core Remote Code Execution Vulnerability
This CVE ID is unique from CVE-2021-24112.
### Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0, .NET Core 3.1, and .NET Core 2.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A remote code execution vulnerability exists in .NET 5 and .NET Core due to how text encoding is performed.
### Discussion
Discussion for this issue can be found at dotnet/runtime#49377
### Mitigation factors
Microsoft has not identified any mitigating factors for this vulnerability.
### Affected software
The vulnerable package is `System.Text.Encodings.Web`. Upgrading
CVEList
.NET Core Remote Code Execution Vulnerability
cvelistv5 · 2021-02-25 · CVSS 8.1
CVE-2021-26701 [HIGH] .NET Core Remote Code Execution Vulnerability
Palo Alto
Informational: Impact of Microsoft PowerShell Vulnerability CVE-2021-26701 on Cortex XSOAR
vendor_paloalto · 2021-08-11 · CVSS 9.8
CVE-2021-26701 [CRITICAL] Informational: Impact of Microsoft PowerShell Vulnerability CVE-2021-26701 on Cortex XSOAR
Palo Alto Networks Cortex XSOAR maintains Docker Images with PowerShell available for customers to use. The base docker images with PowerShell were updated on May 19, 2021 with PowerShell version 7.1.3. Palo Alto Networks urges customers to upgrade their docker images to a version with the tag 7.1.3 or higher to protect against the PowerShell vulnerability CVE-2021-26701.
All content on the Cortex XSOAR Marketplace that utilizes PowerShell has been updated to use PowerShell version 7.1.3 to mitigate any possible risk associated with CVE-2021-26701. Customers are encouraged to also update all relevant content on the Cortex XSOAR Marketplace.
Affected products: Cortex XSOAR PowerShell Image
Soluti
Red Hat
dotnet: System.Text.Encodings.Web Remote Code Execution
vendor_redhat · 2021-02-25 · CVSS 8.1
CVE-2021-26701 [HIGH] CWE-119 dotnet: System.Text.Encodings.Web Remote Code Execution
.NET Core Remote Code Execution Vulnerability
A remote code execution vulnerability was found in dotnet in the System.Text.Encodings.Web package, caused by a buffer overrun. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Microsoft
.NET Core Remote Code Execution Vulnerability
vendor_msrc · 2021-02-09 · CVSS 8.1
CVE-2021-26701 [HIGH] .NET Core Remote Code Execution Vulnerability
FAQ: Is Visual Studio affected by this vulnerability?
Visual Studio contains the binaries for .NET, but Visual Studio is not vulnerable to this issue. The update is offered to include the .NET files so any future applications built in Visual Studio which include .NET functionality will be protected from this issue.
.NET Core: .NET Core
Microsoft: Microsoft
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed: Yes; Exploited: No; Latest Software Release: Exploitation Less Likely; Older Software Release: Exploitation Less Likely; DOS: N/A
Remediation: Release Notes
Reference: https://dotnet.microsoft.com/download/dotnet-core/2.1
Reference: https://dotnet.microsoft.com/download/dotnet-core/3.1
Reference: https://dotnet.microsoft.com/do
No detection rules found.
No public exploits indexed.
Published: 2021-02-25