The sample scripts are not supported under any N-able support program or service. The sample scripts are provided AS IS without warranty of any kind, and N-able expressly disclaims all implied warranties including, warranties of merchantability or of fitness for a particular purpose. In no event shall N-able or any other party be liable for damages arising out of the use of or inability to use the sample scripts.

Registry Hive Monitoring NC

Last Modified Date

7/21/2021 7:32 PM

Description

Checks the ACL for the SAM, SYSTEM, and SECURITY files for the READ attribute. This is an indicator of misconfigured permissions and should be addressed. 

Common vulnerability associated with these misconfigured permissions is CVE-2021-36934 but it is not exclusive to this vulnerability only.  

 

Type

Custom Service / Script Check

Category

Windows Configuration

Target OS

Windows 10;Windows Server 2016;Windows Server 2019

Compatible with N-Central

N-Central minimum version

Compatible with RMM

Syntax

Output

Will contain "Vulnerable" if SAM, SECURITY or SYSTEM have READ access

Keywords

hivenightmare cve-2021-36934 hive registry permission

Related Content