CVE-2021-29951
Mozilla Windows Maintenance Service Weak DACL
Public Exploits: 0
Exploited in Wild: -
Descriptions
The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN\Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command), and it also exposed attack surface in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 78.10.1, Firefox < 87, and Firefox ESR < 78.10.1.
Mozilla's Firefox 85 for Windows has a weak DACL for domain networks.
Timeline
- 2021-04-01 CVE Reserved
- 2021-05-11 CVE Published
- 2024-03-09 EPSS Updated
- 2024-08-03 CVE Updated
CWE
- CWE-269: Improper Privilege Management
References (4)
URL | Date | SRC |
---|---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1690062 | 2022-07-12 | |
https://www.mozilla.org/security/advisories/mfsa2021-10 | 2022-07-12 | |
https://www.mozilla.org/security/advisories/mfsa2021-18 | 2022-07-12 | |
https://www.mozilla.org/security/advisories/mfsa2021-19 | 2022-07-12 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Mozilla | Firefox | < 87.0 | - | Affected | in | Microsoft | Windows | - | - | Safe |
Mozilla | Firefox Esr | < 78.10.1 | - | Affected | in | Microsoft | Windows | - | - | Safe |
Mozilla | Thunderbird | < 78.10.1 | - | Affected | in | Microsoft | Windows | - | - | Safe |