⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2021-11-17. Required action: Apply updates per vendor instructions..

CVE-2021-33742

CWE-787Out-of-bounds WriteCWE-119Buffer OverflowCWE-681CWE-82312 documents10 sources
Severity
8.8HIGH
EPSS
71.0%
top 1.30%
CISA KEV
KEV
Added 2021-11-03
Due 2021-11-17
Exploit
Exploited in wild
Active exploitation observed
Affected products
24
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+21 more
Timeline
PublishedJun 8
KEV addedNov 3
KEV dueNov 17
Latest updateMay 24
CISA Required Action: Apply updates per vendor instructions.

Description

Windows MSHTML Platform Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages24 packages

NVDmicrosoft/windows< 10.0.14393.4467+3
CVEListV5microsoft/windows_76.1.06.1.7601.25632+1
CVEListV5microsoft/windows_8.16.3.06.3.9600.20045+1
NVDmicrosoft/windows_10_1507< 10.0.10240.18967
NVDmicrosoft/windows_10_1607< 10.0.14393.4467

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

5
GHSA
GHSA-gf47-3hhj-gv96: Windows MSHTML Platform Remote Code Execution Vulnerability2022-05-24
Project0
The More You Know, The More You Know You Don’t Know - Project Zero2022-04-01
CVEList
Windows MSHTML Platform Remote Code Execution Vulnerability2021-06-08
VulnCheck
Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability2021
Project0
Project Zero RCA: CVE-2021-33742: Internet Explorer out-of-bounds write in MSHTML

🔍Detection Rules

1
Suricata
ET EXPLOIT IE MSHTML Out-of-Bounds Write Inbound (CVE-2021-33742)2021-07-15

📋Vendor Advisories

2
CISA
Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability2021-11-03
Microsoft
Windows MSHTML Platform Remote Code Execution Vulnerability2021-06-08

🕵️Threat Intelligence

1
Krebs
Microsoft Patches Six Zero-Day Security Holes2021-06-08
CVE-2021-33742 (HIGH CVSS 8.8) | Windows MSHTML Platform Remote Code | cvebase.io