CVE-2021-42990

8.8 HIGH

📋 TL;DR

This vulnerability in FlexiHub for Windows allows local attackers to execute arbitrary code with kernel privileges or crash the operating system through a buffer overflow in an IOCTL handler. It affects users running vulnerable versions of FlexiHub on Windows systems. Attackers need local access to exploit this flaw.

💻 Affected Systems

Products:
  • FlexiHub for Windows
Versions: Above 2.0.4340, below 5.3.14268
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with FlexiHub installed. Requires local access to exploit.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with kernel-level code execution leading to persistent backdoors, data theft, or ransomware deployment.

🟠 Likely Case

Local privilege escalation allowing attackers to gain SYSTEM privileges from a lower-privileged account.

🟢 If Mitigated

Denial of service through OS crash if exploit attempts fail or are detected.

🌐 Internet-Facing: LOW - Requires local access to the system, not directly exploitable over network.
🏢 Internal Only: HIGH - Local attackers or malware with initial foothold can escalate privileges to compromise entire system.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires crafting specific IOCTL requests. Local access is needed, but no authentication is required beyond having user access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.3.14268 or later

Vendor Advisory: https://www.flexihub.com/

Restart Required: Yes

Instructions:

1. Download latest version from FlexiHub website.
2. Uninstall current version.
3. Install updated version.
4. Restart system.

🔧 Temporary Workarounds

Disable FlexiHub Service

windows

Stop and disable the FlexiHub service to prevent exploitation

sc stop FlexiHub
sc config FlexiHub start= disabled

Remove Vulnerable Driver

windows

Uninstall FlexiHub completely if not needed

appwiz.cpl
Select FlexiHub and click Uninstall

🧯 If You Can't Patch

  • Restrict local access to systems with FlexiHub installed
  • Implement application whitelisting to prevent unauthorized process execution

🔍 How to Verify

Check if Vulnerable:

Check the FlexiHub version in Control Panel > Programs and Features. If the version is above 2.0.4340 and below 5.3.14268, the system is vulnerable.

Check Version:

wmic product where name="FlexiHub" get version

Verify Fix Applied:

Verify FlexiHub version is 5.3.14268 or higher after update.
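
As an alternative to the wmic query, the following added example (not from the vendor or the original page) reads the standard Windows uninstall registry keys and classifies each FlexiHub entry against the version range stated on this page. It assumes the product registers an uninstall entry whose DisplayName begins with "FlexiHub"; the function and status names are illustrative.

```powershell
# Added example: classify installed FlexiHub builds against the range on this page.
$lowerBound = [version]'2.0.4340.0'    # page: affected versions are above this
$fixedBuild = [version]'5.3.14268.0'   # page: fixed in this version or later

function ConvertTo-FourPartVersion([version]$v) {
    # [version] treats a missing Build/Revision as -1, so '2.0.4340' would sort
    # below '2.0.4340.0'. Pad missing parts with 0 before comparing.
    New-Object System.Version -ArgumentList $v.Major, $v.Minor,
        ([Math]::Max($v.Build, 0)), ([Math]::Max($v.Revision, 0))
}

function Get-FlexiHubStatus {
    param([string]$DisplayVersion)
    $parsed = $null
    if (-not [version]::TryParse($DisplayVersion, [ref]$parsed)) {
        return 'Unknown'               # empty or non-numeric version: review by hand
    }
    $v = ConvertTo-FourPartVersion $parsed
    if ($v -ge $fixedBuild) { return 'Patched' }
    if ($v -gt $lowerBound) { return 'Vulnerable' }
    return 'OutsideListedRange'        # at or below 2.0.4340: not in the listed range
}

# 64-bit and 32-bit (WOW6432Node) machine-wide uninstall entries.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like 'FlexiHub*' } |   # assumed display name
    ForEach-Object {
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = Get-FlexiHubStatus -DisplayVersion ([string]$_.DisplayVersion)
        }
    }
```

No output means no matching uninstall entry was found on the host; a status of Unknown means the recorded version string needs a manual check.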

📡 Detection & Monitoring

Log Indicators:

  • Unusual IOCTL requests to FlexiHub driver
  • System crashes or BSOD events
  • Unexpected privilege escalation events

Network Indicators:

  • Not applicable - local exploit only

SIEM Query:

EventID=4688 AND (ProcessName LIKE '%FlexiHub%' OR CommandLine CONTAINS 'FlexiHub') AND NewTokenElevationType=2
