I. Basic Information for CVE-2021-36934
Vulnerability Information


Vulnerability Title
Windows Elevation of Privilege Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
An attacker must have the ability to execute code on a victim system to exploit this vulnerability.
After installing this security update, you must manually delete all shadow copies of system files, including the SAM database, to fully mitigate this vulnerability. Simply installing this security update will not fully mitigate this vulnerability. See KB5005357- Delete Volume Shadow Copies (https://support.microsoft.com/topic/1ceaa637-aaa3-4b58-a48b-baf72a2fa9e7).
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows Access Control Error Vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
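Microsoft Windows is a desktop operating system from Microsoft Corporation of the United States. Microsoft Windows has an access control error vulnerability: the access control lists on multiple system files are overly permissive, which results in an elevation of privilege vulnerability. An attacker who successfully exploits this vulnerability can run arbitrary code with SYSTEM privileges.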
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
Vendor | Product | Affected Versions | CPE
Microsoft | Windows 10 Version 1809 | 10.0.0 ~ 10.0.17763.2114 | cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2114:*:*:*:*:*:x86:*
Microsoft | Windows 10 Version 1909 | 10.0.0 ~ 10.0.18363.1734 | cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1734:*:*:*:*:*:x86:*
Microsoft | Windows 10 Version 21H1 | 10.0.0 ~ 10.0.19043.1165 | cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1165:*:*:*:*:*:x64:*
Microsoft | Windows 10 Version 2004 | 10.0.0 ~ 10.0.19041.1165 | cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1165:*:*:*:*:*:x64:*
Microsoft | Windows 10 Version 20H2 | 10.0.0 ~ 10.0.19042.1165 | cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1165:*:*:*:*:*:x86:*
II. Public POCs for CVE-2021-36934
# | POC Description | Source Link
1 | Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation | https://github.com/HuskyHacks/ShadowSteal
2 | Fix for the CVE-2021-36934 | https://github.com/JoranSlingerland/CVE-2021-36934
3 | Detection and Mitigation script for CVE-2021-36934 (HiveNightmare aka. SeriousSam) | https://github.com/n3tsurge/CVE-2021-36934
4 | Small and dirty PoC for CVE-2021-36934 | https://github.com/Wh04m1001/VSSCopy
5 | PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10 version 1809 or newer | https://github.com/WiredPulse/Invoke-HiveNightmare
6 | HiveNightmare a.k.a. SeriousSam Local Privilege Escalation in Windows – CVE-2021-36934 | https://github.com/romarroca/SeriousSam
7 | A capability to identify and remediate CVE-2021-36934 (HiveNightmare) | https://github.com/WiredPulse/Invoke-HiveDreams
8 | CVE-2021-36934 PowerShell Fix | https://github.com/tda90/CVE-2021-36934
9 | Windows Elevation of Privilege Vulnerability (SeriousSAM) | https://github.com/VertigoRay/CVE-2021-36934
10 | CVE-2021-36934 PowerShell scripts | https://github.com/bytesizedalex/CVE-2021-36934
11 | C# PoC for CVE-2021-36934/HiveNightmare/SeriousSAM | https://github.com/Preventions/CVE-2021-36934
12 | PoC for CVE-2021-36934 Aka HiveNightmare/SeriousSAM written in python3 | https://github.com/Sp00p64/PyNightmare
13 | This PowerShell script will take the mitigation measures for CVE-2021-36934 described by Microsoft and the US CERT team. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934 https://kb.cert.org/vuls/id/506989 USE AT YOUR OWN RISK -- BACKUPS MAY BREAK. | https://github.com/jmaddington/Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM
14 | None | https://github.com/0x0D1n/CVE-2021-36934
15 | HiveNightmare aka SeriousSAM | https://github.com/exploitblizzard/CVE-2021-36934
16 | CVE-2021-36934 HiveNightmare vulnerability checker and workaround | https://github.com/irissentinel/CVE-2021-36934
17 | SeriousSAM Auto Exploiter | https://github.com/websecnl/CVE-2021-36934
18 | POC experiments with Volume Shadow copy Service (VSS) | https://github.com/grishinpv/poc_CVE-2021-36934
19 | Windows Elevation of Privilege Vulnerability CVE-2021-36934 | https://github.com/shaktavist/SeriousSam
20 | None | https://github.com/OlivierLaflamme/CVE-2021-36934-export-shadow-volume-POC
21 | Exploit for CVE-2021-36934 | https://github.com/chron1k/oxide_hive
22 | PoC for CVE-2021-36934 Aka HiveNightmare/SeriousSAM written in python3 | https://github.com/Sp00kySkelet0n/PyNightmare
23 | PoC malware that uses exploit CVE-2021-36934 (improper ACLs on shadow copies) using a fileless red team method on Windows 10/11 with LOLBins, extracting SYSTEM and SAM hives for local NTLM hashes. | https://github.com/P1rat3R00t/Why-so-Serious-SAM
24 | Educational lab demonstrating CVE-2021-36934 (HiveNightmare) - Windows LPE via shadow copy ACL misconfiguration. | https://github.com/d4yon/CVE-2021-36934-HiveNightmare-Lab