Windows PoC Exploit Released for Wormable RCE

2021-05-19 14:35

A researcher has released a proof-of-concept exploit for CVE-2021-31166, a use-after-free, highly critical vulnerability in the HTTP protocol stack that could lead to wormable remote code execution.

An exploit would allow RCE with kernel privileges or a denial-of-service attack.

This isn't the first PoC exploit for CVE-2021-31166 that Souchet has released, but this is the first wormable one.

The publishing of a PoC code like this is typically the first step in the lifecycle of an exploit.

One example is the eight-month lifecycle of CVE-2020-9054: an exploit sold on the XSS cybercriminal forum for $20,000 in February 2020 that got written up by cybersecurity journalist Brian Krebs, was publicly disclosed and patched by Microsoft in March 2020, and wound up being exploited by a botnet a month later.

Microsoft exploits, after all, are by far the most-requested and the most-sold exploit flavors on the underground market: All the more reason to heed Microsoft's advice to prioritize patching for this one.

News URL

https://threatpost.com/windows-exploit-wormable-rce/166289/

#exploit #POC #RCE #windows #CVE-2021-31166 #CVE-2020-9054

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-11	CVE-2021-31166	Use After Free vulnerability in Microsoft Windows 10 and Windows Server 2016 HTTP Protocol Stack Remote Code Execution Vulnerability network low complexity microsoft CWE-416 critical	9.8
2020-03-04	CVE-2020-9054	OS Command Injection vulnerability in Zyxel products Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. network low complexity zyxel CWE-78 critical	10.0

News URL

Related news

Related Vulnerability