THREATOPS
THREAT OPSCVEs › CVE-2021-36942

CVE-2021-36942 — Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability

CISA KEVExploited: confirmedMicrosoft

Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.

Vulnerability details