Microsoft released a critical security update for DNS Servers running Windows Server. This vulnerability is known as CVE-2021-24078 and rated with CVSS 9.8
A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account over the network.
The vulnerability was responsibly disclosed to Microsoft by Quan Luo from Codesafe Team of Legendsec at Qi'anxin Group.
According to Microsoft, exploitation is very likely, and PoCs are expected soon.
Affected:
- Windows Server 2004 - 2020
References
- Windows DNS Server Remote Code Execution Vulnerability CVE-2021-24078
- DIRTEAM: Windows DNS Server Remote Code Execution Vulnerability (CVE-2021-24078, Critical CVSSv3 9.8/8.5)
- ZDI: THE FEBRUARY 2021 SECURITY UPDATE REVIEW
Fragen? Kontakt: info@zero.bs