CVE-2021-1732

Vulnerability Profile Updated 3 months ago
CVE-2021-1732 is a software vulnerability, specifically a flaw in the design or implementation of Microsoft's Windows 10 systems. It exposes the system to elevation of privilege: an attacker could gain higher-level permissions on the system and carry out malicious activities. The exploit targets specific build numbers of Windows 10 and checks for the presence of a particular patch. The vulnerability was reported to Microsoft in 2021, and it bears similarities to another previously identified vulnerability. Upon receiving the report, Microsoft promptly released a patch to rectify the issue. Systems that have not applied this patch remain vulnerable to the CVE-2021-1732 exploit.

Protection against this threat is provided by Check Point Threat Emulation and Intrusion Prevention System (IPS), which offer safeguards against the Trojan.Wins.RaspberryRobin threat as well as the Microsoft Win32k Elevation of Privilege vulnerabilities (CVE-2021-1732 and CVE-2020-1054). Organizations and individuals should ensure they have the latest patches and security updates installed to mitigate these risks effectively.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Exploit
Windows
Malware
Vulnerability
Chromium
Associated Malware
ID | Type | Votes | Profile Description
Raspberry Robin | Unspecified | 1 | Raspberry Robin is a sophisticated malware that has been designed to exploit and damage computer systems. This malicious software infiltrates the system through suspicious downloads, emails, or websites, often unbeknownst to the user. Once embedded, Raspberry Robin can steal personal information, di
Associated Threat Actors
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
CVE-2020-1054 | Unspecified | 1 | CVE-2020-1054 is a software vulnerability that lies in the design and implementation of Microsoft's Win32k component. It specifically exploits a flaw in the win32k window object, enabling it to write data beyond its intended boundaries. This vulnerability is significant because it allows malicious a
Proxyshell | Unspecified | 1 | ProxyShell is a critical vulnerability affecting Microsoft Exchange email servers. Identified as CVE-2021-34473, it is a flaw in software design or implementation that can be exploited by attackers to gain unauthorized access to systems. The vulnerability was actively exploited by threat actors, cau
Proxynotshell | Unspecified | 1 | ProxyNotShell is a software vulnerability, specifically a flaw in the design or implementation of Microsoft Exchange Server. It was first identified and exploited through CVE-2022-41082, as reported by Palo Alto Networks' Unit 42. The ProxyNotShell exploit method leveraged an AutoDiscover endpoint t
Follina | Unspecified | 1 | Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou
Source Document References
Information about the CVE-2021-1732 vulnerability was read from the documents listed below.
Source | Created At | Title
DARKReading | 5 months ago | Raspberry Robin Jumps on 1-Day Bugs to Nest Deep in Windows Networks
Checkpoint | 5 months ago | Raspberry Robin Keeps Riding the Wave of Endless 1-Days - Check Point Research
Securityaffairs | a year ago | In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues
Unit42 | a year ago | Inside Win32k Exploitation: Analysis of CVE-2022-21882 and CVE-2021-1732
Unit42 | a year ago | Inside Win32k Exploitation: Background on Implementations of Win32k and Exploitation Methodologies
Checkpoint | a year ago | Raspberry Robin: Anti-Evasion How-To & Exploit Analysis - Check Point Research
InfoSecurity-magazine | a year ago | Raspberry Robin Adopts Unique Evasion Techniques
CERT-EU | a year ago | 24th April – Threat Intelligence Report - Check Point Research