Security News > 2021 > July > Researchers Publish Details on Recent Critical Hyper-V Vulnerability
Security researchers at Guardicore Labs are sharing details of a critical vulnerability in Hyper-V that Microsoft patched in May 2021.
Tracked as CVE-2021-28476 with a CVSS score of 9.9, the security vulnerability impacts Hyper-V's virtual network switch driver and could be exploited to achieve remote code execution or cause a denial of service condition.
"Hyper-V is Azure's hypervisor; for this reason, a vulnerability in Hyper-V entails a vulnerability in Azure, and can affect whole regions of the public cloud. Triggering denial of service from an Azure VM would crash major parts of Azure's infrastructure and take down all virtual machines that share the same host," according to a Guardicore Labs report.
An attacker capable of exploiting the vulnerability to achieve remote code execution - a more complex exploitation chain - could take control over the host and the VMs running on it, thus having access to sensitive information and being able to run malicious payloads or perform other nefarious operations, the security researchers say.
Guardicore Labs says that there are two exploitation scenarios, one where an invalid pointer leads to the Hyper-V host crashing, and another where the host's kernel would read from a memory-mapped device register, thus leading to code execution.
"What made this vulnerability so lethal is the combination of a hypervisor bug - an arbitrary pointer dereference - with a design flaw allowing a too-permissive communication channel between the guest and the host," the researchers added.
News URL
Related news
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites (source)
- Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-11 | CVE-2021-28476 | Unspecified vulnerability in Microsoft products Windows Hyper-V Remote Code Execution Vulnerability | 0.0 |