CISA says to urgently patch actively exploited SeriousSAM/HiveNightmare flaw affecting Windows 11


CISA (the US Cybersecurity and Infrastructure Security Agency) has published a list of 15 actively exploited software vulnerabilities, encouraging users of Windows and macOS to install the available patches.
Included in the list is the SeriousSAM vulnerability, also known as HiveNightmare, which affects Windows 10 and 11. Tracked as CVE-2021-36934, this is a local privilege escalation vulnerability that makes it possible for an attacker to grab password hashes from the registry and gain admin privileges.
HiveNightmare: Windows 10 and Windows 11 have a security vulnerability that can be exploited to gain administrative access to the registry


A local privilege escalation vulnerability has been discovered in Windows 10 that can be used to gain access to otherwise inaccessible areas of the registry. In turn, this access makes it possible to discover passwords, obtain DPAPI decryption keys and more. The problem also affects Windows 11.
Dubbed HiveNightmare (because of the access it allows to registry hives), the zero-day vulnerability comes hot on the heels of the PrintNightmare security flaw. While no patch is currently available, Microsoft has provided details of a workaround in the meantime.