CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
CVE-2021-24074 | Windows TCP/IP Remote Code Execution Vulnerability | Windows 10 | Critical | 11-02-2021 |
Technical Information
Brief overview of the risk:
A TCP/IP vulnerability affecting IPv4 source routing. Source routing is a feature in IP protocol which allows the sender of the packet to specify the route that the packet has to take to reach the destination. This vulnerability can be exploited by specially crafting the packets with the IPv4 protocol features, IP fragmentation and Loose Source and Record Route (LSRR) at the same time. This would cause the Windows TCP/IP driver (tcpip.sys) to be confused with the individual packet fragments and the reassembled packets resulting in out-of-bound reads. An attacker who successfully exploited the vulnerability could execute arbitrary code in the context of the logged on user. Since IPv4 Source routing is insecure it is blocked by default on Windows. However an ICMP message denying the request is sent by default when processing these requests. A temporary workaround for this vulnerability is to make the systems to drop all requests altogether without processing.
Further information on this vulnerability is available at : CVE-2021-24074
Affected Software
Windows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for x64-based Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server version 1909 (Server Core installation)
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server version 2004 (Server Core installation)
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows Server version 20H2 (Server Core Installation)