June 15, 2021

Microsoft DNS Server Remote Code Execution Vulnerability – CVE-2021-26893, CVE-2021-26894 and CVE-2021-26895

Three critical level security vulnerabilities with a CVSS 3.1 Score of 9.8 that will cause remote code execution has been published in the Microsoft DNS Server product. These security vulnerabilities allow code execution with the DNS Server application pool and DNS Server server group accounts. These security vulnerabilities are valid in the versions listed below. Although there is no exploit detection regarding the published vulnerabilities, it is recommended to download the published patches over the relevant links in order not to damage the systems due to their criticality.

Microsoft DNS Server Remote Code Execution Vulnerability
Microsoft DNS Server Remote Code Execution Vulnerability

 

Solution and CVE/CWE

Installing the updates listed in the table below is recommended.

CVE/CWE: CVE-2021-26893, CVE-2021-26894 ve CVE-2021-26895

Product

Article

Security Patch

Windows Server 2012 R2 (Server Core installation) 5000848 Monthly Rollup
Windows Server 2012 R2 (Server Core installation) 5000853 Security Only
Windows Server 2012 R2 5000848 Monthly Rollup
Windows Server 2012 R2 5000853 Security Only
Windows Server 2012 (Server Core installation) 5000847 Monthly Rollup
Windows Server 2012 (Server Core installation) 5000840 Security Only
Windows Server 2012 5000847 Monthly Rollup
Windows Server 2012 5000840 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000851 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000851 Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000856 Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2 5000856 Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000856 Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2 5000856 Security Only
Windows Server 2016  (Server Core installation) 5000803 Security Update
Windows Server 2016 5000803 Security Update
Windows Server, version 20H2 (Server Core Installation) 5000802 Security Update
Windows Server, version 2004 (Server Core installation) 5000802 Security Update
Windows Server, version 1909 (Server Core installation) 5000808 Security Update
Windows Server 2019  (Server Core installation) 5000822 Security Update
Windows Server 2019 5000822 Security Update
LEARN MORE  What is Mimikatz? Using Mimikatz in the Post-Abuse Process

Note: Those with a CVSS 3.1 score (out of 10) 7.0-8.9 are considered “high”, those with 9.0-10.0 are considered “critical” vulnerabilities.

Reference:

https://nvd.nist.gov/vuln/detail/CVE-2021-26893

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26893

 

Leave a Reply

Your email address will not be published. Required fields are marked *