Table of Contents
  • Home
  • /
  • Blog
  • /
  • A Critical RCE PowerShell Vulnerability – Upgrade PowerShell At The Earliest
July 7, 2021

A Critical RCE PowerShell Vulnerability – Upgrade PowerShell At The Earliest

Critical Rce Powershell Vulnerability

Microsoft found a critical RCE PowerShell vulnerability that could allow an attacker to launch a remote code execution vulnerability. Microsoft recommends Azure users to upgrade PowerShell to protect against the RCE vulnerability.

What Is PowerShell?

PowerShell is a cross-platform task automation utility made up of a command-line shell, a scripting language, and a configuration management framework. PowerShell runs on most of the Windows, Linux, and macOS platforms.” Click here to read more about PowerShell.

PowerShell Vulnerability Affected Versions:

The issue lice with CVE-2021-26701. PowerShell v 7.0 & v7.1 were affected by this vulnerability, and it has been fixed in v 7.0.6 and 7.1.3, respectively. Microsoft says that Windows PowerShell v5.1 is considered safe from vulnerability.

The actual RCE PowerShell vulnerability is residing in the “System.Text.Encodings.Web” package. A web encoder package used for HTML, JavaScript, and Url character encoding.

Vulnerable Package Versions:

Package NameVulnerable VersionsSecure Versions
System.Text.Encodings.Web4.0.0 –

Table #1: PowerShell vulnerability affected version

How To Check The PowerShell Version?

There are different ways to see the version of the PowerShell. However, we have shared three simple commands to check the PowerShell version.

  1. >$PSVersionTable

  2. >get-host

  3. >Get-Host | Select-Object Version

How To Fix The Critical RCE PowerShell Vulnerability?

The best way to fix this Critical RCE PowerShell Vulnerability is to Upgrade PowerShell to the latest version.

• Version 7.0 to 7.0.6
• Version 
7.1 to 7.1.3

PowerShell is a multi-platform utility. Here you can see the procedure to install/upgrade PowerShell on a different platform.

Thanks for reading this post. Would you mind sharing this with Azure users and making them aware of this critical RCE PowerShell vulnerability?

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Application Security

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.



View All

Learn Something New with Free Email subscription