March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – 10 APT Groups Exploit Microsoft Exchange Security Flaws
May 12, 2021Rewterz Threat Advisory – ICS: Rockwell Automation Connected Components Workbench
May 17, 2021Rewterz Threat Alert – 10 APT Groups Exploit Microsoft Exchange Security Flaws
May 12, 2021Rewterz Threat Advisory – ICS: Rockwell Automation Connected Components Workbench
May 17, 2021
Severity
High
Analysis Summary
CVE-2021-31166
The vulnerability allows an unauthenticated attacker to remotely execute code as kernel. By sending a specially crafted packet to an affected server, an attacker can target a server utilizing the HTTP Protocol Stack (http.sys) to process packets. Windows 10 is also configured as a web server, so it is impacted as well.
Impact
Remote Code Execution
Affected Vendors
Microsoft
Affected Products
- Windows 10 Version 20H2 for all systems
- Windows 10 Version 2004 for all systems
Remediation
Visit the vendor website for more details, patches, and mitigation techniques. https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166