THREAT OPS › CVEs › CVE-2021-36942
CVE-2021-36942 — Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.
Vulnerability details
- Affected productsWindows
- KEV remediation due2021-11-17