CVE-2021-44207
Published 2021-12-21
CVE-2021-44207: Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.
Priority P181 · high · 8.1 (CVSS 3.1)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA Known Exploited Vulnerability (due 2025-01-13)
Exploited in the wild
EPSS: 17.58% (96.8th percentile)
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acclaimsystems | usaherds | <= 7.4.0.1 | — |
Detection & IOCs (extracted from sources)
- The hard-coded credentials vulnerability in USAHERDS can be leveraged to achieve remote code execution; defenders should monitor for unexpected RCE activity on systems running USAHERDS (through version 7.4.0.1).
- Exploitation of this CVE requires the attacker to also obtain the ASP.NET MachineKey, likely via a separate vulnerability or out-of-band channel; monitor for reconnaissance or information-disclosure activity targeting the MachineKey on USAHERDS hosts.
- Exploitation is a two-step process: the hard-coded credentials alone are insufficient; the ASP.NET MachineKey must also be obtained through a separate vulnerability or channel before RCE is achievable.
- Affected versions are USAHERDS through 7.4.0.1; versions beyond this boundary are not confirmed vulnerable by the available sources.
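CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| vulncheck | | 8.1 | HIGH | |
| cisa | | 8.1 | HIGH | |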
CISA
Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
cisa·2024-12-23·CVSS 8.1
CVE-2021-44207 [HIGH] CWE-798 Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
Vulnerability: Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
Affected: Acclaim Systems USAHERDS
Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel.
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Please contact the product developer for support and vulnerability mitigation.
Notes: https://www.acclaimsystems.com/#contact ; https://www.tnatc.org/#contact ; https://nvd.nist.gov/vuln/detail/CVE-2021-44207
Remediation Due Date: 2025-01-13
GHSA
GHSA-qc3g-2wrf-8fcw: Acclaim USAHERDS through 7
ghsa_unreviewed·2021-12-22
CVE-2021-44207 [HIGH] CWE-798 GHSA-qc3g-2wrf-8fcw: Acclaim USAHERDS through 7
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.
VulnCheck
Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
vulncheck·2021·CVSS 8.1
CVE-2021-44207 [HIGH] CWE-798 Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel.
Affected: Acclaim Systems USAHERDS
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Please contact the product developer for support and vulnerability mitigation.
Exploitation References: https://www.mandiant.com/resources/blog/apt41-us-state-governments; https://www.hhs.gov/sites/default/files/apt41-recent-activity.pdf; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabil
No detection rules found.
No public exploits indexed.
- https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0012/MNDT-2021-0012.md
- https://www.acclaimsystems.com
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44207
2021-12-21: Published
2024-12-23: Added to CISA KEV
Exploited in the wild