Back to board Open MSRC
MSRC compact vulnerability detail

CVE-2021-26432 · Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability

No description was published by MSRC.

Severity
n/a
Impact
n/a
CVSS
n/a base · n/a temporal
Release
2021-08-10
Signals
Windows Services for NFS ONCRPC XDR Driver Unknown impact Exploited: No Publicly disclosed: No Exploitability: Exploitation More Likely
CWE
No CWE data published.
Patch Diff
Loading module diff metadata...
Resolved binary override
Use this when the MSRC module name cannot be mapped automatically or the resolved binary looks wrong.
Old version New version
Description
No description was published by MSRC.
FAQ / Articles
FAQ
What system configurations would expose this vulnerability? Servers that have installed the Network File System are exposed to this vulnerability in rpcxdr.sys. An attacker would require read or write permission to any file on an NFS share on the victim system. If NFS is configured to allow anonymous access, then the victim system would be vulnerable to unauthenticated attackers. Does this security update apply to non-server systems? Yes. While servers are much more likely to be exposed to this vulnerability, the security update to rpcxdr.sys applies to all Windows editions in the Security Updates table.