Jun 10, 2021

June 2021 Patch Tuesday

Microsoft patched 49 CVEs in its June 2021 Patch Tuesday release: five rated critical and 44 rated important, with six observed as exploited in the wild.

Below are the 9 highlighted CVEs and their associated vulnerability risk scores.

 [*] Searching cve-[['2021-31955', '2021-31956', '2021-33742', '2021-22741', '2021-31939', '2021-33739', '2021-31983', '2021-31946', '2021-31945']] vulnerability definitions within Kenna.VI+....


[ CVE Description ]
 [*] CVE_ID : CVE-2021-31955
 [_] Desc   : Windows Kernel Information Disclosure Vulnerability

 [_] C:2021-05-01 / P:2021-06-08 / L:2021-06-10
 [*] Vuln Risk           : 12.2402
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/1.8670% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 2.1 / 5.5 ]

 [_] Vuln Products  : [8]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-31956
 [_] Desc   : Windows NTFS Elevation of Privilege Vulnerability

 [_] C:2021-05-01 / P:2021-06-08 / L:2021-06-09
 [*] Vuln Risk           : 29.6732
 [*] Exploited [trend]   : 3 [up]    [Pre_NVD]
 [_] Exploit/likehood    : False/3.6829% confidence

 [*] Malware sample : 1
 [*] Exploits/POC   : [1]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 6.8 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-33742
 [_] Desc   : Windows MSHTML Platform Remote Code Execution Vulnerability

 [_] C:2021-05-28 / P:2021-06-08 / L:2021-06-09
 [*] Vuln Risk           : 26.5204
 [*] Exploited [trend]   : 0 [holding]  [RCE]
 [_] Exploit/likehood    : False/3.7964% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.6 / 7.5 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-22741
 [_] Desc   : Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA (all versions), EcoStruxure Geo SCADA Expert 2019 (all versions), and EcoStruxure Geo SCADA Expert 2020 (V83.7742.1 and prior), which could cause the revealing of account credentials when server database files are available. Exposure of these files to an attacker can make the system vulnerable to password decryption attacks. Note that “.sde” configuration export files do not contain user account password hashes.

 [_] C:2021-01-06 / P:2021-05-26 / L:2021-06-07
 [*] Vuln Risk           : 16.6911
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0253% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [0]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 4.6 / 6.7 ]

 [_] Vuln Products  : [3]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-31939
 [_] Desc   : Microsoft Excel Remote Code Execution Vulnerability

 [_] C:2021-05-01 / P:2021-06-08 / L:2021-06-10
 [*] Vuln Risk           : 32.6405
 [*] Exploited [trend]   : 0 [holding]    [Pre_NVD]
 [_] Exploit/likehood    : False/13.8740% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [3]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-33739
 [_] Desc   : Microsoft DWM Core Library Elevation of Privilege Vulnerability

 [_] C:2021-05-28 / P:2021-06-08 / L:2021-06-09
 [*] Vuln Risk           : 22.4403
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/4.4376% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 8.4 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-31983
 [_] Desc   : Paint 3D Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31945, CVE-2021-31946.

 [_] C:2021-05-01 / P:2021-06-08 / L:2021-06-10
 [*] Vuln Risk           : 32.6405
 [*] Exploited [trend]   : 0 [holding]    [Pre_NVD]
 [_] Exploit/likehood    : False/33.2174% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [1]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-31946
 [_] Desc   : Paint 3D Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31945, CVE-2021-31983.

 [_] C:2021-05-01 / P:2021-06-08 / L:2021-06-10
 [*] Vuln Risk           : 32.6405
 [*] Exploited [trend]   : 0 [holding]  [RCE]
 [_] Exploit/likehood    : False/29.5867% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [1]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 6.8 / 6.6 ]

 [_] Vuln Products  : [1]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-31945
 [_] Desc   : Paint 3D Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31946, CVE-2021-31983.

 [_] C:2021-05-01 / P:2021-06-08 / L:2021-06-10
 [*] Vuln Risk           : 32.6405
 [*] Exploited [trend]   : 0 [holding]  [RCE]
 [_] Exploit/likehood    : False/29.5867% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [1]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 6.8 / 6.6 ]

 [_] Vuln Products  : [1]

[ CVE Malware Family Info : None ]

[ High_Profile_Vulnerability ]
 [!!!]   CVE-2021-31955 (12.2402) : []
 [!!!]   CVE-2021-31956 (29.6732) : ['hpv_exploited', 'hpv_malware', 'hpv_poc']
 [!!!]   CVE-2021-33742 (26.5204) : []
 [!!!]   CVE-2021-22741 (16.6911) : []
 [!!!]   CVE-2021-31939 (32.6405) : []
 [!!!]   CVE-2021-33739 (22.4403) : []
 [!!!]   CVE-2021-31983 (32.6405) : []
 [!!!]   CVE-2021-31946 (32.6405) : []
 [!!!]   CVE-2021-31945 (32.6405) : []


 ** [5] threads completed [18 tasks] / [15.59 KB] within [9.76 sec].