CVE-2021-40444— Microsoft MSHTML.DLL 路径遍历漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2021-40444の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Microsoft MSHTML Remote Code Execution Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p> <p>An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.</p> <p>Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.</p> <p>Please see the <strong>Mitigations</strong> and <strong>Workaround</strong> sections for important information about steps you can take to protect your system from this vulnerability.</p> <p><strong>UPDATE</strong> September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system.</p>
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Microsoft MSHTML.DLL 路径遍历漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Microsoft MSHTML.DLL是美国微软(Microsoft)公司的一个用于解析HTML语言的动态链接库,IE、Outlook、Outlook Express等应用程序都使用了该动态链接库。 Microsoft MSHTML.DLL 存在路径遍历漏洞,远程攻击者可以创建带有恶意ActiveX控件的特制Office文档,诱使受害者打开文档并在系统上执行任意代码。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Microsoft | Windows 10 Version 1809 | 10.0.0 ~ 10.0.17763.2183 | cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2183:*:*:*:*:*:x86:* | |
| Microsoft | Windows Server 2019 | 10.0.0 ~ 10.0.17763.2183 | cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2183:*:*:*:*:*:*:* | |
| Microsoft | Windows Server 2019 (Server Core installation) | 10.0.0 ~ 10.0.17763.2183 | cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2183:*:*:*:*:*:*:* | |
| Microsoft | Windows 10 Version 1909 | 10.0.0 ~ 10.0.18363.1801 | cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1801:*:*:*:*:*:x86:* | |
| Microsoft | Windows 10 Version 21H1 | 10.0.0 ~ 10.0.19043.1237 | cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1237:*:*:*:*:*:x64:* | |
| Microsoft | Windows Server 2022 | 10.0.0 ~ 10.0.20348.230 | cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.230:*:*:*:*:*:*:* | |
| Microsoft | Windows 10 Version 2004 | 10.0.0 ~ 10.0.19041.1237 | cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1237:*:*:*:*:*:x64:* | |
| Microsoft | Windows Server version 2004 | 10.0.0 ~ 10.0.19041.1237 | cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1237:*:*:*:*:*:*:* | |
| Microsoft | Windows 10 Version 20H2 | 10.0.0 ~ 10.0.19042.1237 | cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1237:*:*:*:*:*:x86:* | |
| Microsoft | Windows Server version 20H2 | 10.0.0 ~ 10.0.19042.1237 | cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1237:*:*:*:*:*:*:* | |
| Microsoft | Windows 10 Version 1507 | 10.0.0 ~ 10.0.10240.19060 | cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19060:*:*:*:*:*:x86:* | |
| Microsoft | Windows 10 Version 1607 | 10.0.0 ~ 10.0.14393.4651 | cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4651:*:*:*:*:*:x86:* | |
| Microsoft | Windows Server 2016 | 10.0.0 ~ 10.0.14393.4651 | cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651:*:*:*:*:*:*:* | |
| Microsoft | Windows Server 2016 (Server Core installation) | 10.0.0 ~ 10.0.14393.4651 | cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651:*:*:*:*:*:*:* | |
| Microsoft | Windows 7 | 6.1.0 ~ 6.1.7601.25712 | cpe:2.3:o:microsoft:windows_7:6.1.7601.25712:sp1:*:*:*:*:x86:* | |
| Microsoft | Windows 7 Service Pack 1 | 6.1.0 ~ 6.1.7601.25712 | cpe:2.3:o:microsoft:windows_7:6.1.7601.25712:sp1:*:*:*:*:x64:* | |
| Microsoft | Windows 8.1 | 6.3.0 ~ 6.3.9600.20120 | cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20120:*:*:*:*:*:x86:* | |
| Microsoft | Windows Server 2008 Service Pack 2 | 6.0.0 ~ 6.0.6003.21218 | cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21218:*:*:*:*:*:x64:* | |
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) | 6.0.0 ~ 6.0.6003.21218 | cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21218:*:*:*:*:*:x64:* | |
| Microsoft | Windows Server 2008 Service Pack 2 | 6.0.0 ~ 6.0.6003.21218 | cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21218:*:*:*:*:*:x86:* | |
| Microsoft | Windows Server 2008 R2 Service Pack 1 | 6.1.0 ~ 6.1.7601.25712 | cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25712:*:*:*:*:*:x64:* | |
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) | 6.0.0 ~ 6.1.7601.25712 | cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25712:*:*:*:*:*:x64:* | |
| Microsoft | Windows Server 2012 | 6.2.0 ~ 6.2.9200.23462 | cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23462:*:*:*:*:*:x64:* | |
| Microsoft | Windows Server 2012 (Server Core installation) | 6.2.0 ~ 6.2.9200.23462 | cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23462:*:*:*:*:*:x64:* | |
| Microsoft | Windows Server 2012 R2 | 6.3.0 ~ 6.3.9600.20120 | cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20120:*:*:*:*:*:x64:* | |
| Microsoft | Windows Server 2012 R2 (Server Core installation) | 6.3.0 ~ 6.3.9600.20120 | cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20120:*:*:*:*:*:x64:* |
II. CVE-2021-40444の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|---|---|---|
| 1 | Microsoft MSHTML Remote Code Execution Vulnerability CVE-2021-40444 | https://github.com/ozergoker/CVE-2021-40444 | POC詳細 |
| 2 | CVE-2021-40444 POC | https://github.com/DarkSprings/CVE-2021-40444 | POC詳細 |
| 3 | None | https://github.com/rfcxv/CVE-2021-40444-POC | POC詳細 |
| 4 | 根据已知样本反编译代码 | https://github.com/bambooqj/CVE-2021-40444_EXP_JS | POC詳細 |
| 5 | None | https://github.com/Immersive-Labs-Sec/cve-2021-40444-analysis | POC詳細 |
| 6 | None | https://github.com/vysecurity/CVE-2021-40444 | POC詳細 |
| 7 | CVE-2021-40444 Sample | https://github.com/Udyz/CVE-2021-40444-Sample | POC詳細 |
| 8 | CVE-2021-40444 PoC | https://github.com/lockedbyte/CVE-2021-40444 | POC詳細 |
| 9 | None | https://github.com/fengjixuchui/CVE-2021-40444-docx-Generate | POC詳細 |
| 10 | None | https://github.com/KnoooW/CVE-2021-40444-docx-Generate | POC詳細 |
| 11 | A malicious .cab creation tool for CVE-2021-40444 | https://github.com/mansk1es/Caboom | POC詳細 |
| 12 | Reverse engineering the "A Letter Before Court 4.docx" malicious files exploting cve-2021-40444 | https://github.com/jamesrep/cve-2021-40444 | POC詳細 |
| 13 | None | https://github.com/W1kyri3/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx | POC詳細 |
| 14 | This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit | https://github.com/aslitsecurity/CVE-2021-40444_builders | POC詳細 |
| 15 | POC for CVE-2021-40444 | https://github.com/khoaduynu/CVE-2021-40444 | POC詳細 |
| 16 | Malicious document builder for CVE-2021-40444 | https://github.com/Jeromeyoung/MSHTMHell | POC詳細 |
| 17 | None | https://github.com/k8gege/CVE-2021-40444 | POC詳細 |
| 18 | CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit | https://github.com/klezVirus/CVE-2021-40444 | POC詳細 |
| 19 | CVE-2021-40444 - Custom CAB templates from MakeCAB | https://github.com/Udyz/CVE-2021-40444-CAB | POC詳細 |
| 20 | Modified code so that we don´t need to rely on CAB archives | https://github.com/Edubr2020/CVE-2021-40444--CABless | POC詳細 |
| 21 | CVE 2021 40444 Windows Exploit services.dll | https://github.com/kal1gh0st/CVE-2021-40444_CAB_archives | POC詳細 |
| 22 | This docx exploit uses res files inside Microsoft .docx file to execute malicious files. This exploit is related to CVE-2021-40444 | https://github.com/LazarusReborn/Docx-Exploit-2021 | POC詳細 |
| 23 | None | https://github.com/H0j3n/CVE-2021-40444 | POC詳細 |
| 24 | None | https://github.com/metehangenel/MSHTML-CVE-2021-40444 | POC詳細 |
| 25 | TIC4301 Project - CVE-2021-40444 | https://github.com/Jeromeyoung/TIC4301_Project | POC詳細 |
| 26 | None | https://github.com/TiagoSergio/CVE-2021-40444 | POC詳細 |
| 27 | An attempt to reproduce Microsoft MSHTML Remote Code Execution (RCE) Vulnerability and using Metasploit Framework. | https://github.com/wh00datz/CVE-2021-40444-POC | POC詳細 |
| 28 | Contains the offensive (exploit and auxiliary) modules for the CVE-2021-40444. | https://github.com/Zeop-CyberSec/word_mshtml | POC詳細 |
| 29 | None | https://github.com/Alexcot25051999/CVE-2021-40444 | POC詳細 |
| 30 | None | https://github.com/lisinan988/CVE-2021-40444-exp | POC詳細 |
| 31 | CVE-2021-40444 | https://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit | POC詳細 |
| 32 | Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit | https://github.com/MRacumen/CVE-2021-40444 | POC詳細 |
| 33 | None | https://github.com/RedLeavesChilde/CVE-2021-40444 | POC詳細 |
| 34 | None | https://github.com/nvchungkma/CVE-2021-40444-Microsoft-Office-Word-Remote-Code-Execution- | POC詳細 |
| 35 | None | https://github.com/hqdat809/CVE-2021-40444 | POC詳細 |
| 36 | None | https://github.com/tiagob0b/CVE-2021-40444 | POC詳細 |
| 37 | An attempt to reproduce Microsoft MSHTML Remote Code Execution (RCE) Vulnerability and using Metasploit Framework. | https://github.com/kagura-maru/CVE-2021-40444-POC | POC詳細 |
| 38 | For learning purpose did a complete analysis on CVE-2021-40444 POC (proof of concept) | https://github.com/skitkat/CVE-2021-40444-POC | POC詳細 |
| 39 | CVE-2021-40444 Sample | https://github.com/k4k4/CVE-2021-40444-Sample | POC詳細 |
| 40 | CVE-2021-40444 - Custom CAB templates from MakeCAB | https://github.com/Phuong39/CVE-2021-40444-CAB | POC詳細 |
| 41 | This repository contains scripts and resources for exploiting the Follina CVE and CVE-2021-40444 vulnerabilities in Microsoft Office. The scripts generate malicious document files that can execute arbitrary code on the target system. | https://github.com/basim-ahmad/Follina-CVE-and-CVE-2021-40444 | POC詳細 |
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2021-40444のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Microsoft · 2021-09-15 · 61 CVEs total
| CVE-2021-38647 | 9.8 CRITICAL | Open Management Infrastructure Remote Code Execution Vulnerability |
| CVE-2021-36965 | 8.8 HIGH | Windows WLAN AutoConfig Service Remote Code Execution Vulnerability |
| CVE-2021-36954 | 8.8 HIGH | Windows Bind Filter Driver Elevation of Privilege Vulnerability |
| CVE-2021-26435 | 8.1 HIGH | Windows Scripting Engine Memory Corruption Vulnerability |
| CVE-2021-36967 | 8.0 HIGH | Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability |
| CVE-2021-38625 | 7.8 HIGH | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2021-38626 | 7.8 HIGH | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2021-38628 | 7.8 HIGH | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2021-38655 | 7.8 HIGH | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2021-38630 | 7.8 HIGH | Windows Event Tracing Elevation of Privilege Vulnerability |
| CVE-2021-38656 | 7.8 HIGH | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2021-38654 | 7.8 HIGH | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2021-36975 | 7.8 HIGH | Win32k Elevation of Privilege Vulnerability |
| CVE-2021-38639 | 7.8 HIGH | Win32k Elevation of Privilege Vulnerability |
| CVE-2021-38648 | 7.8 HIGH | Open Management Infrastructure Elevation of Privilege Vulnerability |
| CVE-2021-38646 | 7.8 HIGH | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| CVE-2021-38645 | 7.8 HIGH | Open Management Infrastructure Elevation of Privilege Vulnerability |
| CVE-2021-38644 | 7.8 HIGH | Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability |
| CVE-2021-38653 | 7.8 HIGH | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2021-26434 | 7.8 HIGH | Visual Studio Elevation of Privilege Vulnerability |
Showing 20 of 61 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Windows 10 Version 1809
- CVE-2026-32163
Windows User Interface Core Elevation of Privilege Vulnerabi - CVE-2026-32162
Windows COM Elevation of Privilege Vulnerability - CVE-2026-32153
Windows Speech Runtime Elevation of Privilege Vulnerability - CVE-2026-32088
Windows Biometric Service Security Feature Bypass Vulnerabil - CVE-2026-32078
Windows Projected File System Elevation of Privilege Vulnera
同じベンダー: Microsoft
- CVE-2026-42826
Azure DevOps Information Disclosure Vulnerability - CVE-2026-35428
Azure Cloud Shell Spoofing Vulnerability - CVE-2026-35435
Azure AI Foundry Elevation of Privilege Vulnerability - CVE-2026-34327
Microsoft Partner Center Spoofing Vulnerability - CVE-2026-33844
Azure Managed Instance for Apache Cassandra Remote Code Exec
V. CVE-2021-40444へのコメント
まだコメントはありません