Home

CVE-2021-42276

Description

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Risk Information

Base Score
7.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
6.533

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 2004 for x86-based Systems (KB5007186)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows Server, version 2004 for x64-based Systems (KB5007186)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 2004 for x64-based Systems (KB5007186)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 20H2 for x86-based Systems (KB5007186)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 20H2 for x64-based Systems (KB5007186)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 21H1 for x64-based Systems (KB5007186)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 21H1 for x86-based Systems (KB5007186)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 1909 for x64-based Systems (KB5007189)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 1909 for x86-based Systems (KB5007189)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Microsoft server operating system version 21H2 for x64-based Systems (KB5007205)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows Server 2019 for x64-based Systems (KB5007206)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB5007206)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB5007206)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 11 for x64-based Systems (KB5007215)Windows
Windows Desktop Bridge Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB5007192)Windows
Windows Desktop Bridge Elevation of Privilege Vulnerability for Windows Server 2016 for x64-based Systems (KB5007192)Windows
Windows Desktop Bridge Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB5007192)Windows
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability for Windows 10 Version 1507 for x64-based Systems (KB5007207)Windows
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability for Windows 10 Version 1507 for x86-based Systems (KB5007207)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 21H2 for x86-based Systems (KB5007186)Windows
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability for Windows 10 Version 21H2 for x64-based Systems (KB5007186)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-323532021-11 Cumulative Update for Windows 10 Version 2004 for x86-based Systems (KB5007186) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323542021-11 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5007186) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323552021-11 Cumulative Update for Windows 10 Version 2004 for x64-based Systems (KB5007186) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323562021-11 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5007186) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323572021-11 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5007186) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323592021-11 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5007186) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323602021-11 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5007186) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323612021-11 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5007189) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323622021-11 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB5007189) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323632021-11 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5007205) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323502021-11 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5007206) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323512021-11 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5007206) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323522021-11 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5007206) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323642021-11 Cumulative Update for Windows 11 for x64-based Systems (KB5007215) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323452021-11 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5007192) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323462021-11 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5007192) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323472021-11 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5007192) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323482021-11 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5007207) (CVE-2021-41371) (CVE-2021-38631)
PATCH-323492021-11 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5007207) (CVE-2021-41371) (CVE-2021-38631)
PATCH-324732021-11 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5007186)
PATCH-324742021-11 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5007186)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234