Wormable vulnerability found in Windows HTTP Protocol Stack could result in malicious code execution on the OS kernel
Wormable vulnerability found in Windows HTTP Protocol Stack could result in malicious code execution on the OS kernel
THREAT LEVEL: Red.
For a detailed advisory, download the pdf file here.
A wormable vulnerability (CVE-2021-31166) has been found in HTTP Protocol Stack used by the Windows Internet Information Services (IIS) affecting WinRM on Windows 10 and Server systems. An attacker can exploit this vulnerability by sending a formatted package incorrectly and running malicious code directly on the OS kernel without any authentication.
Vulnerability Details
Patch Link
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166
References
- https://msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166
- https://www.bleepingcomputer.com/news/security/exploit-released-for-wormable-windows-http-vulnerability/
- https://www.bleepingcomputer.com/news/security/wormable-windows-http-vulnerability-also-affects-winrm-servers/
- https://vuldb.com/?id.174865
