The remote Windows host is missing security update 4598275 or cumulative update 4598285. It is, therefore, affected by multiple vulnerabilities :

  - An information disclosure vulnerability. An attacker can     exploit this to disclose potentially sensitive     information. (CVE-2021-1637, CVE-2021-1656,     CVE-2021-1676, CVE-2021-1696, CVE-2021-1699,     CVE-2021-1708)

  - An elevation of privilege vulnerability. An attacker can     exploit this to gain elevated privileges.
    (CVE-2021-1648, CVE-2021-1649, CVE-2021-1650,     CVE-2021-1652, CVE-2021-1653, CVE-2021-1654,     CVE-2021-1655, CVE-2021-1659, CVE-2021-1661,     CVE-2021-1688, CVE-2021-1693, CVE-2021-1694,     CVE-2021-1695, CVE-2021-1702, CVE-2021-1704,     CVE-2021-1706, CVE-2021-1709)

  - A security feature bypass vulnerability exists. An     attacker can exploit this and bypass the security     feature and perform unauthorized actions compromising     the integrity of the system/application. (CVE-2021-1674,     CVE-2021-1678, CVE-2021-1683, CVE-2021-1684)

  - A denial of service (DoS) vulnerability. An attacker can     exploit this issue to cause the affected component to     deny system or application services. (CVE-2021-1679,     CVE-2021-1692)

  - A remote code execution vulnerability. An attacker can     exploit this to bypass authentication and execute     unauthorized arbitrary commands. (CVE-2021-1657,     CVE-2021-1658, CVE-2021-1660, CVE-2021-1664,     CVE-2021-1665, CVE-2021-1666, CVE-2021-1667,     CVE-2021-1668, CVE-2021-1671, CVE-2021-1673,     CVE-2021-1700, CVE-2021-1701, CVE-2021-1710)

Detections

Analytics

KB4598275: Windows 8.1 and Windows Server 2012 R2 January 2021 Security Update

critical Nessus Plugin ID 144888

Version 1.12

Version 1.11

Version 1.10

Version 1.9

Version 1.12 Nov 29, 2024, 9:42 AM CVSS metrics ("CVSSv3 score" set to 9.8) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H") CVSSv3 score source (changed from "CVE-2021-1701" to "CVE-2021-1694") Plugin Feed: 202411290942
Version 1.11 Jun 17, 2024, 3:35 PM Plugin metadata (add more granular CPEs to Windows OS plugins) Plugin Feed: 202406171535
Version 1.10 Jan 30, 2024, 3:19 PM CVSS metrics ("CVSSv3 score" set to 8.8. "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") CVSSv3 score source (changed from "CVE-2021-1694" to "CVE-2021-1701") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202401301519
Version 1.9 Dec 7, 2022, 4:47 PM Reference Plugin Feed: 202212071647