CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
CVE-2021-31166 | HTTP Protocol Stack Remote Code Execution Vulnerability | Windows 10 | Critical | 24-05-2021 |
Technical Information
Brief overview of the risk:
It is a vulnerability in the HTTP protocol stack that could lead to wormable remote code execution. To exploit this unauthenticated attacker can send specially crafted packets to a targeted server utilizing the HTTP Protocol Stack. Successful exploitation could lead to arbitrary code execution in the context of the logged on user. It only impacts Windows 10 and Server version 2004 and 20H2.
Further information on this vulnerability is available at : CVE-2021-31166
Affected Software
Windows 10 Version 2004 for 32-bit SystemsWindows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server version 2004 (Server Core installation)
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows Server version 20H2 (Server Core Installation)