FAQ
How could an attacker exploit this vulnerability? An attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution.
MSRC compact vulnerability detail
CVE-2021-43215 · iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution
No description was published by MSRC.
Signals
Internet Storage Name Service
Remote Code Execution
Exploited: No
Publicly disclosed: No
Exploitability: Exploitation More Likely
CWE
No CWE data published.
Patch Diff
Loading module diff metadata...
Resolved binary override
Use this when the MSRC module name cannot be mapped automatically or the resolved binary looks wrong.
Description
No description was published by MSRC.
FAQ / Articles
FAQ
What is Windows iSNS? The Internet Storage Name Service (iSNS) protocol is used for interaction between iSNS servers and iSNS clients. iSNS manages an Internet Storage Name Service (iSNS) server, providing a registration function to allow all entities in a storage network to register and query the iSNS database. Is Windows iSNS installed by default? No. See iSNS Server Overview for more information about iSNS.