CVE-2021-26897 — Code Injection in Microsoft Windows Server 2008 R2 Service Pack 1

CWE-94 — Code Injection18 documents12 sources

Severity

9.8CRITICALNVD

EPSS

11.0%

top 6.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows Server 2008 R2 Service Pack 1 Microsoft Windows Server 2008 Service Pack 2 Microsoft Windows Server 2012 +6 more

Timeline

PublishedMar 11

Latest updateMay 24

Description

Windows DNS Server Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages9 packages

▶CVEListV5microsoft/windows_server_20126.2.0 — publication

▶CVEListV5microsoft/windows_server_201610.0.0 — publication

▶CVEListV5microsoft/windows_server_201910.0.0 — publication

▶CVEListV5microsoft/windows_server_2012_r26.3.0 — publication

▶CVEListV5microsoft/windows_server_version_200410.0.0 — publication

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-8546-vjcf-9r45: Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897↗2022-05-24

▶

GHSA

GHSA-86v8-8qp7-vj9r: Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897↗2022-05-24

▶

GHSA

GHSA-wjv8-g83f-g23g: Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26897↗2022-05-24

▶

GHSA

GHSA-5hxq-rvgg-jqff: Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895↗2022-05-24

▶

GHSA

GHSA-96hx-qvj2-8fpm: Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26895, CVE-2021-26897↗2022-05-24

▶

🔍Detection Rules

Suricata

ET EXPLOIT Windows DNS Server RCE Attempt Inbound (CVE-2021-26897)↗2021-03-30

▶

📋Vendor Advisories

Microsoft

Windows DNS Server Remote Code Execution Vulnerability↗2021-03-09

▶

🕵️Threat Intelligence

Trendmicro

March Patch Tuesday: Fixes for Exchange Server, IE↗2021-03-10

▶

Qualys

March 2021 Patch Tuesday – 82 Vulnerabilities, 10 Critical, Adobe | Qualys↗2021-03-09

▶

Tenable

Microsoft’s March 2021 Patch Tuesday Addresses 82 CVEs (CVE-2021-26411)↗2021-03-09

▶

Talos

Microsoft Patch Tuesday for March 2021 — Snort rules and prominent vulnerabilities↗2021-03-09

▶

Qualys

March 2021 Patch Tuesday – 82 Vulnerabilities, 10 Critical, Adobe↗2021-03-09

▶