N-able Backup has evolved into Cove Data Protection

Learn more
The scripts in this library come from a variety of sources, including partners and other third parties. While N-able performs initial testing on these scripts, we do not regularly or permanently monitor these scripts, and therefore, we cannot make any guarantees about third-party content. By downloading or using any of these scripts, you agree that they are provided AS IS without warranty of any kind and we expressly disclaim all implied warranties including warranties of merchantability or of fitness for a particular purpose. In no event shall N-able or any other party be liable for any damages arising out of the use of or inability to use these scripts.

N-able suggests as a best practice that scripts should be tested on non-production environments.
  1. Home
  2. Article: Registry Hive M...

Registry Hive Monitoring NC

Last Modified Date

7/21/2021 7:32 PM

Description

Checks the ACL for the SAM, SYSTEM, and SECURITY files for the READ attribute. This is an indicator of misconfigured permissions and should be addressed. 

Common vulnerability associated with these misconfigured permissions is CVE-2021-36934 but it is not exclusive to this vulnerability only.  

 

Type

Custom Service / Script Check

Category

Windows Configuration

Target OS

Windows 10;Windows Server 2016;Windows Server 2019

Compatible with N-central

N-central minimum version

Compatible with RMM

Syntax

Output

Will contain "Vulnerable" if SAM, SECURITY or SYSTEM have READ access

Download Link

https://files.n-able.com/NRCNable/media/Cookbook/Monitor+for+ACL+READ+SAM_SECURITY_SYSTEM_NC.amp

Keywords

hivenightmare cve-2021-36934 hive registry permission

Did this article help you?

Related Content