CVE-2021-26432: Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability

Overview

Severity

Critical (CVSS 9.8)

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Remote Code Execution

Exploit Status

Not Exploited

Exploitation Likelihood

More Likely

Patch Tuesday

2021-Aug

Released

2021-08-10

Last Updated

2021-08-12

EPSS Score

10.29% (percentile: 93.2%)

FAQ

What system configurations would expose this vulnerability? Servers that have installed the Network File System are exposed to this vulnerability in rpcxdr.sys. An attacker would require read or write permission to any file on an NFS share on the victim system. If NFS is configured to allow anonymous access, then the victim system would be vulnerable to unauthenticated attackers. Does this security update apply to non-server systems? Yes. While servers are much more likely to be exposed to this vulnerability, the security update to rpcxdr.sys applies to all Windows editions in the Security Updates table.

Affected Products (32)

Other

• 11568
• 11569
• 11570
• 11571
• 11572
• 11712
• 11713
• 11714
• 11896
• 11897
• 11898
• 11766
• 11767
• 11768
• 11769
• 11800
• 11801
• 11802
• 11803
• 10729
• 10735
• 10852
• 10853
• 10816
• 10855
• 10481
• 10482
• 10484
• 10378
• 10379
• 10483
• 10543

Security Updates (9)

• 5005030
• 5005031
• 5005033
• 5005040
• 5005043
• 5005076
• 5005106
• 5005099
• 5005094

Acknowledgments

Liubenjin from Codesafe Team of Legendsec at Qi'anxin Group

Revision History

• 2021-08-10: Information published.
• 2021-08-12: Added FAQ to provide further vulnerability details. This is an informational change only.