CVE-2021-40444

Description from NVD

Microsoft MSHTML Remote Code Execution Vulnerability

Information Acquisition Date:2022-11-28T14:55Z
CVSS 2.0: 6.8 MEDIUM CVSS 3.x: 7.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:M/Au:N/C:P/I:P/A:P

NVD References

 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40444
     source:MISC
     tags:Mitigation    Patch    Vendor Advisory    
 http://packetstormsecurity.com/files/164210/Microsoft-Windows-MSHTML-Overview.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 http://packetstormsecurity.com/files/165214/Microsoft-Office-Word-MSHTML-Remote-Code-Execution.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 http://packetstormsecurity.com/files/167317/Microsoft-Office-MSDT-Follina-Proof-Of-Concept.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URLNum of Times Referred to
https://web308
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...217
http://twinybots.ch60
https://cvetrends.com50
https://lists.astaro.com/ASGV9-IPS-rules.html20
https://citizenlab.ca/2021/09/forcedentry-nso-group-imessag...17
https://securityaffairs.co/wordpress/122224/security/micros...15
http://cyberiqs.com/latestnews14
https://thehackernews.com/2021/09/new-0-day-attack-targetin...12
https://research.trendmicro.com/3m7VfEz11
https://www.nichepcgamer.com/archives/cve-2021-40444-window...7
https://news.mynavi.jp/techplus/article/20211224-22374336
https://otx.alienvault.com/pulse/613914361364535ed5d60bc46
https://blog.segu-info.com.ar/2021/09/zero-day-critico-en-m...6
https://securelist.com/exploitation-of-the-cve-2021-40444-v...5
https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-a...5
https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/m...5
https://www.kaspersky.com/blog/cve-2021-40444-vulnerability...5
https://news.ycombinator.com/item?id=298549835
https://blog.trendmicro.co.jp/archives/287245
https://noticiasseguridad.com/vulnerabilidades/cve-2021-404...5
https://michaelkoczwara.medium.com/mapping-and-pivoting-cob...5
https://ascii.jp/elem/000/004/070/4070263/4
https://youtu.be/Oz16xte5UeU4
https://go.shr.lc/3lwUSVd4
https://blog.nviso.eu/2021/09/09/kusto-hunting-query-for-cv...4
https://www.ipa.go.jp/security/ciadr/vul/20210908-ms.html4
https://threatpost.com/microsoft-mshtml-ryuk-ransomware/174...4
https://asec.ahnlab.com/ko/28690/4
https://bazaar.abuse.ch/browse/tag/CVE-2021-40444/4
https://news.sophos.com/en-us/2021/12/21/attackers-test-cab...4
https://therecord.media/microsoft-warns-of-new-ie-zero-day-...4
https://www.jpcert.or.jp/at/2021/at210038.html4
https://krebsonsecurity.com/2021/09/microsoft-attackers-exp...4
https://www.hackplayers.com/2021/09/parche-para-cve-2021-40...4
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2021-ALE-019/4
https://www.securityweek.com/microsoft-office-zero-day-hit-...4
https://blog.malwarebytes.com/reports/2021/09/mshtml-attack...4
https://www.bleepingcomputer.com/news/security/microsoft-sh...4
https://j.mp/3hNnSpo3
https://ift.tt/2X1SJ9X3
http://CERT.LV3
https://buff.ly/3yUkMFF3
http://dlvr.it/S78KzT3
https://msft.it/6011XTGHN3
https://xakep.ru/2021/09/10/cve-2021-3
http://earmas.ga3
https://github.com/SigmaHQ/sigma/blob/master/rules/windows/...3
http://izumino.jp/Security/sec_trend.cgi?ref=tw&ref_date=20...3
https://raidforums3
https://blog.google/threat-analysis-group/exposing-initial-...3
https://cert.gov.ua/article/405593
https://opsmtrs.com/33G8R113
https://twitter.com/msftsecresponse/status/14353079490149908503
http://Pastebin.com3
https://isc.sans.edu/diary/rss/278183
https://vx-underground3
http://www.jisaka.com/archives/38706571.html3
https://www.riskiq.com/blog/external-threat-management/wiza...3
https://www.youtube.com/watch?v=Oz16xte5UeU3
https://billdemirkapi.me/unpacking-cve-2021-40444-microsoft...3
https://blog.alyac.co.kr/42623
https://news.yahoo.co.jp/byline/ohmototakashi/20210912-0025...3
https://paper.seebug.org/1718/3
https://www.adslzone.net/noticias/windows/ataque-cve-2021-4...3
https://www.borncity.com/blog/2021/09/10/mshtml-schwachstel...3
https://www.fortinet.com/blog/threat-research/microsoft-msh...3
https://www.huntress.com/blog/cybersecurity-advisory-hacker...3
http://www.kitploit.com/2021/09/cve-2021-40444-poc-maliciou...3
https://www.microsoft.com/security/blog/2021/09/15/analyzin...3
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2...3
https://www.anoopcnair.com/deploy-registry-fix-using-intune...3
https://www.ecucert.gob.ec/alertas3
https://www.trendmicro.com/en_us/research/21/i/remote-code-...3
https://xret2pwn.github.io/CVE-2021-40444-Analysis-and-Expl...3
https://ciberseguridad.blog/detectando-ficheros-ofimaticos-...3
https://www.sentinelone.com/blog/peeking-into-cve-2021-4044...3
http://feedproxy.google.com/~r/HelpNetSecurity/~3/j02rIori0KA/3
https://www.kaspersky.com.br/blog/cve-2021-40444-vulnerabil...3
https://kataware.hatenablog.jp/entry/2021/09/12/1659213
https://www.helpnetsecurity.com/2021/09/08/cve-2021-40444/3
https://www.zerodayinitiative.com/blog/2020/7/8/cve-2020-13...3
https://googleprojectzero.github.io/0days-in-the-wild//0day...3

Information from Twitter

User URL Info Source Date
_Doctor__c https://twitter.com/_Doctor__c/status/1638065706830004224/p... Source _Doctor__c       1638065706830004224 2023/03/21
buaqbot https://ift.tt/3Rc0d9M Source buaqbot          1641853184254541849 2023/04/01
buaqbot https://ift.tt/LVfx4w9 Source buaqbot          1641853184254541849 2023/04/01

List of frequently cited URLs

URLNum of Times Referred to
web308
alerts.vulmon.com217
twinybots.ch60
cvetrends.com50
lists.astaro.com20
citizenlab.ca17
securityaffairs.co15
cyberiqs.com14
thehackernews.com12
research.trendmicro.com11
www.nichepcgamer.com7
news.mynavi.jp6
otx.alienvault.com6
blog.segu-info.com.ar6
securelist.com5
www.mcafee.com5
us-cert.cisa.gov5
www.kaspersky.com5
news.ycombinator.com5
blog.trendmicro.co.jp5
noticiasseguridad.com5
michaelkoczwara.medium.com5
ascii.jp4
youtu.be4
go.shr.lc4
blog.nviso.eu4
www.ipa.go.jp4
threatpost.com4
asec.ahnlab.com4
bazaar.abuse.ch4
news.sophos.com4
therecord.media4
www.jpcert.or.jp4
krebsonsecurity.com4
www.hackplayers.com4
www.cert.ssi.gouv.fr4
www.securityweek.com4
blog.malwarebytes.com4
www.bleepingcomputer.com4
j.mp3
ift.tt3
CERT.LV3
buff.ly3
dlvr.it3
msft.it3
xakep.ru3
earmas.ga3
github.com3
izumino.jp3
raidforums3
blog.google3
cert.gov.ua3
opsmtrs.com3
twitter.com3
Pastebin.com3
isc.sans.edu3
vx-underground3
www.jisaka.com3
www.riskiq.com3
www.youtube.com3
billdemirkapi.me3
blog.alyac.co.kr3
news.yahoo.co.jp3
paper.seebug.org3
www.adslzone.net3
www.borncity.com3
www.fortinet.com3
www.huntress.com3
www.kitploit.com3
www.microsoft.com3
msrc.microsoft.com3
www.anoopcnair.com3
www.ecucert.gob.ec3
www.trendmicro.com3
xret2pwn.github.io3
ciberseguridad.blog3
www.sentinelone.com3
feedproxy.google.com3
www.kaspersky.com.br3
kataware.hatenablog.jp3
www.helpnetsecurity.com3
www.zerodayinitiative.com3
googleprojectzero.github.io3

Information from Twitter

User URL Info Source
_Doctor__c twitter.com Show Tweet
buaqbot ift.tt Show Tweet
buaqbot ift.tt Show Tweet
GitHub Search Results: Up to 10
NameURL
lockedbyte/CVE-2021-40444 https://github.com/lockedbyte/CVE-2021-40444
klezVirus/CVE-2021-40444 https://github.com/klezVirus/CVE-2021-40444
Udyz/CVE-2021-40444-Sample https://github.com/Udyz/CVE-2021-40444-Sample
aslitsecurity/CVE-2021-40444_builders https://github.com/aslitsecurity/CVE-2021-40444_builders
34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit https://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit
Edubr2020/CVE-2021-40444--CABless https://github.com/Edubr2020/CVE-2021-40444--CABless
rfcxv/CVE-2021-40444-POC https://github.com/rfcxv/CVE-2021-40444-POC
DarkSprings/CVE-2021-40444 https://github.com/DarkSprings/CVE-2021-40444
ozergoker/CVE-2021-40444 https://github.com/ozergoker/CVE-2021-40444
k8gege/CVE-2021-40444 https://github.com/k8gege/CVE-2021-40444
GitHub Search Results: Up to 10
NameURL
lockedbyte/CVE-2021-40444 github.com
klezVirus/CVE-2021-40444 github.com
Udyz/CVE-2021-40444-Sample github.com
aslitsecurity/CVE-2021-40444_builders github.com
34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit github.com
Edubr2020/CVE-2021-40444--CABless github.com
rfcxv/CVE-2021-40444-POC github.com
DarkSprings/CVE-2021-40444 github.com
ozergoker/CVE-2021-40444 github.com
k8gege/CVE-2021-40444 github.com
2023/04/01 Score : 1
Added Har-sia Database : 2021/09/08
Last Modified : 2023/04/01
Highest Scored Date : 2021/09/08
Highest Score : 268