CVE-2021-26424: Windows TCP/IP Remote Code Execution Vulnerability

Overview

Severity: Critical (CVSS 9.9)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Category: Remote Code Execution
Exploit Status: Not Exploited
Exploitation Likelihood: More Likely
Patch Tuesday: 2021-Aug
Released: 2021-08-10
Last Updated: 2021-08-17
EPSS Score: 10.53% (percentile: 93.3%)

FAQ

How could an attacker exploit this vulnerability?
This vulnerability is remotely triggerable by a malicious Hyper-V guest that sends an IPv6 ping to the Hyper-V host. An attacker could send a specially crafted TCP/IP packet to its host, which uses the TCP/IP protocol stack (tcpip.sys) to process packets.

Is this attack specific to Hyper-V or applicable to all hypervisor technologies?
This attack is specific to Hyper-V. Systems that do not have Hyper-V installed are not at risk.

Will disabling IPv6 mitigate this vulnerability?
Yes. Disabling IPv6 will block the threat vector. See "Guidance for configuring IPv6 in Windows for advanced users" for instructions for disabling IPv6.

Affected Products (40)

Security Updates (13)

Acknowledgments

Quan Luo from Codesafe Team of Legendsec at Qi'anxin Group

Revision History

  • 2021-08-10: Information published.
  • 2021-08-17: Updated FAQ information. This is an informational change only.