CVE-2021-43238 – Windows Remote Access Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43238
Windows Remote Access Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Remote Access This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Remote Access Connection Manager service. By creating a directory junction, an attacker can abuse the service to create a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43238 https://www.zerodayinitiative.com/advisories/ZDI-22-019 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2021-43236 – Microsoft Message Queuing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-43236
Microsoft Message Queuing Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Microsoft Message Queuing. Este ID de CVE es diferente de CVE-2021-43222 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43236 •
CVE-2021-43234 – Windows Fax Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43234
Windows Fax Service Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows Fax Service • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43234 •
CVE-2021-43233 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43233
Remote Desktop Client Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Remote Desktop Client • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43233 •
CVE-2021-43232 – Windows Event Tracing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43232
Windows Event Tracing Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Windows Event Tracing • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43232 •