目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2021-36934 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
Windows Elevation of Privilege Vulnerability
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
<p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>An attacker must have the ability to execute code on a victim system to exploit this vulnerability.</p> <p>After installing this security update, you <em>must</em> manually delete all shadow copies of system files, including the SAM database, to fully mitigate this vulnerabilty. <strong>Simply installing this security update will not fully mitigate this vulnerability.</strong> See <a href="https://support.microsoft.com/topic/1ceaa637-aaa3-4b58-a48b-baf72a2fa9e7">KB5005357- Delete Volume Shadow Copies</a>.</p>
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Microsoft Windows 访问控制错误漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司的一种桌面操作系统。 Microsoft Windows 存在访问控制错误漏洞,该漏洞源于系统对多个系统文件的访问控制列表过于宽松,因此存在特权提升漏洞。成功利用此漏洞的攻击者可以使用SYSTEM权限运行任意代码。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
MicrosoftWindows 10 Version 1809 10.0.0 ~ 10.0.17763.2114 cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2114:*:*:*:*:*:x86:*
MicrosoftWindows 10 Version 1909 10.0.0 ~ 10.0.18363.1734 cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1734:*:*:*:*:*:x86:*
MicrosoftWindows 10 Version 21H1 10.0.0 ~ 10.0.19043.1165 cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1165:*:*:*:*:*:x64:*
MicrosoftWindows 10 Version 2004 10.0.0 ~ 10.0.19041.1165 cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1165:*:*:*:*:*:x64:*
MicrosoftWindows 10 Version 20H2 10.0.0 ~ 10.0.19042.1165 cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1165:*:*:*:*:*:x86:*
二、漏洞 CVE-2021-36934 的公开POC
#POC 描述源链接神龙链接
1Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalationhttps://github.com/HuskyHacks/ShadowStealPOC详情
2Fix for the CVE-2021-36934https://github.com/JoranSlingerland/CVE-2021-36934POC详情
3Detection and Mitigation script for CVE-2021-36934 (HiveNightmare aka. SeriousSam)https://github.com/n3tsurge/CVE-2021-36934POC详情
4Small and dirty PoC for CVE-2021-36934https://github.com/Wh04m1001/VSSCopyPOC详情
5PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10 version 1809 or newerhttps://github.com/WiredPulse/Invoke-HiveNightmarePOC详情
6HiveNightmare a.k.a. SeriousSam Local Privilege Escalation in Windows – CVE-2021-36934https://github.com/romarroca/SeriousSamPOC详情
7A capability to identify and remediate CVE-2021-36934 (HiveNightmare)https://github.com/WiredPulse/Invoke-HiveDreamsPOC详情
8CVE-2021-36934 PowerShell Fixhttps://github.com/tda90/CVE-2021-36934POC详情
9Windows Elevation of Privilege Vulnerability (SeriousSAM)https://github.com/VertigoRay/CVE-2021-36934POC详情
10CVE-2021-36934 PowerShell scriptshttps://github.com/bytesizedalex/CVE-2021-36934POC详情
11C# PoC for CVE-2021-36934/HiveNightmare/SeriousSAMhttps://github.com/Preventions/CVE-2021-36934POC详情
12PoC for CVE-2021-36934 Aka HiveNightmare/SeriousSAM written in python3https://github.com/Sp00p64/PyNightmarePOC详情
13This PowerShell script will take the mitigation measures for CVE-2021-36934 described by Microsoft and the US CERT team. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934 https://kb.cert.org/vuls/id/506989 USE AT YOUR OWN RISK -- BACKUPS MAY BREAK.https://github.com/jmaddington/Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMMPOC详情
14Nonehttps://github.com/0x0D1n/CVE-2021-36934POC详情
15HiveNightmare aka SeriousSAM https://github.com/exploitblizzard/CVE-2021-36934POC详情
16CVE-2021-36934 HiveNightmare vulnerability checker and workaroundhttps://github.com/irissentinel/CVE-2021-36934POC详情
17SeriousSAM Auto Exploiterhttps://github.com/websecnl/CVE-2021-36934POC详情
18POC experiments with Volume Shadow copy Service (VSS)https://github.com/grishinpv/poc_CVE-2021-36934POC详情
19Windows Elevation of Privilege Vulnerability CVE-2021-36934https://github.com/shaktavist/SeriousSamPOC详情
20Nonehttps://github.com/OlivierLaflamme/CVE-2021-36934-export-shadow-volume-POCPOC详情
21Exploit for CVE-2021-36934https://github.com/chron1k/oxide_hivePOC详情
22PoC for CVE-2021-36934 Aka HiveNightmare/SeriousSAM written in python3https://github.com/Sp00kySkelet0n/PyNightmarePOC详情
23PoC malware that uses exploit CVE-2021-36934 (improper ACLs on shadow copies) using a fileless red team method on Windows 10/11 with LOLBins, extracting SYSTEM and SAM hives for local NTLM hashes. https://github.com/P1rat3R00t/Why-so-Serious-SAMPOC详情
24Educational lab demonstrating CVE-2021-36934 (HiveNightmare) - Windows LPE via shadow copy ACL misconfiguration. https://github.com/d4yon/CVE-2021-36934-HiveNightmare-LabPOC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2021-36934 的情报信息
Please 登录 to view more intelligence information
IV. Related Vulnerabilities
Same product: Windows 10 Version 1809
Same vendor: Microsoft
V. Comments for CVE-2021-36934

暂无评论

发表评论