CVE-2021-33742

Name of the Vulnerable Software and Affected Versions Windows MSHTML Platform (affected versions not specified)

Description The issue is related to a buffer overflow in memory, allowing a remote attacker to execute arbitrary code. This can affect the system and potentially lead to information disclosure or privilege escalation. There have been reports of real-world attacks exploiting this issue, with Google TAG noting its use by a state-sponsored APT against targets in Eastern Europe and the Middle East. Additionally, Kaspersky reported that two privilege escalation vulnerabilities were part of a complex exploit chain used by a new actor, PuzzleMaker, in attacks on several companies.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.