VDB
CVE-2021-28041
CVE-2021-28041
PUBLISHED
Es existiert eine Schwachstelle in OpenSSH, welche aufgrund eines double-memory-free-Fehlers besteht. Eine Ausnutzung ist möglich, wenn ein Angreifer Zugriff auf den "Agent-Socket" besitzt. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen.
EPSS 0.26% · 49.2th percentile
Risk Scores
EPSS Score
0.26%
49.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gentoo | Gentoo Linux | |
| Ubuntu | Ubuntu Linux | |
| SolarWinds | SolarWinds Security Event Manager <2024.2 | |
| Dell | Dell NetWorker virtual | |
| EMC | EMC Avamar | |
| SolarWinds | SolarWinds Security Event Manager <2023.2 | |
| SUSE | SUSE Linux | |
| IGEL | IGEL OS |
Exploit Intelligence
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- cve_db.json (github-poc)
- cve_db.json (github-poc)
- cve_db.json (github-poc)
- cve_db.json (github-poc)
…and 2 more exploits
Timeline
- Mar 3, 2021 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1082.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1082 advisory
- https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-0997.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0997 advisory
- https://security.paloaltonetworks.com/CVE-2021-28041 advisory
- https://security.gentoo.org/glsa/202105-35 advisory
- https://www.openssh.com/txt/release-8.5 advisory
- https://ubuntu.com/security/notices/USN-4762-1 advisory
- https://kb.igel.com/securitysafety/en/isn-2021-06-igel-os-openssh-vulnerabilities-47717622.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-December/009929.html advisory
- https://documentation.solarwinds.com/en/Success_Center/SEM/content/release_notes/sem_2023-2_release_notes.htm advisory
- https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2024-2_release_notes.htm advisory
- https://www.dell.com/support/kbdoc/000224827/dsa-2024-= advisory