← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-36942 — Actively Exploited: Windows (Microsoft)

Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.

CVE IDCVE-2021-36942
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Local Security Authority (LSA) Spoofing Vulnerability
Date added2021-11-03
Remediation due2021-11-17
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionMicrosoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →