Windows IPV4 And IPV6 Stack Vulnerabilities
2/15/2021

Microsoft has fixed two critical remote-code execution flaws in the TCP/IP implementation in Windows that could be exploited by network-based attackers to either gain control of a target system or cause a denial-of-service

Overview

  • Microsoft released patches for CVE-2021-24074, CVE-2021-24086, and CVE-2021- 24094, remotely exploitable vulnerabilities in Windows TCP/IP stack that were fixed by February 2021 Windows Updates (and left unpatched on Windows 7 and Server 2008 R2 machines without Extended Security Updates).

  • CVE-2021-24086 and CVE-2021-24094 are denial-of-services (DoS) vulnerabilities in the Windows IPv6.

  • CVE-2021-24074 is remote-code execution (RCE) vulnerability in the Windows IPv4 stack.

  • CVE-2021-24086 vulnerability is rated 7.5/6.5 on the CVSS scale.

  • CVE-2021-24074 and CVE-2021-24094 vulnerabilities are rated 9.8/8.5 on the CVSS scale.

  • The DoS exploits for these CVEs would allow a remote attacker to cause a stop error. Users might receive a blue screen on any Windows system that is directly exposed to the internet with minimal network traffic.

  • IPv4 Source Routing requests and IPv6 fragments can be blocked on an edge device, such as a load balancer or a firewall.

 

Windows