CVE-2021-24086

HIGH

Windows - Denial of Service via TCP/IP

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2021-24086. PoCs published by 0vercl0k, lisinan988, personnumber3377.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2021-24086, a NULL dereference vulnerability in Windows TCP/IP stack (tcpip.sys) triggerable via maliciously crafted IPv6 packets. The PoC uses Scapy to send fragmented IPv6 packets with excessive destination options headers to induce a denial-of-service condition.

Description

Windows TCP/IP Denial of Service Vulnerability

Exploits (3)

nomisec WORKING POC 235 stars
by 0vercl0k · poc
https://github.com/0vercl0k/CVE-2021-24086

This repository contains a functional proof-of-concept exploit for CVE-2021-24086, a NULL dereference vulnerability in Windows TCP/IP stack (tcpip.sys) triggerable via maliciously crafted IPv6 packets. The PoC uses Scapy to send fragmented IPv6 packets with excessive destination options headers to induce a denial-of-service condition.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Windows TCP/IP stack (tcpip.sys)
No auth needed
Prerequisites: Network access to target system · IPv6 connectivity
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC 1 stars
by lisinan988 · poc
https://github.com/lisinan988/CVE-2021-24086-exp

This repository contains a functional proof-of-concept exploit for CVE-2021-24086, a NULL dereference vulnerability in Windows TCP/IP stack (tcpip.sys) triggerable via crafted IPv6 packets. The PoC uses Scapy to send fragmented IPv6 packets with malicious extension headers to cause a denial of service.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Windows TCP/IP stack (tcpip.sys)
No auth needed
Prerequisites: Network access to target · IPv6 connectivity
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WRITEUP
by personnumber3377 · poc
https://github.com/personnumber3377/windows_tcpip_fuzz

This repository references a fuzzing attempt targeting the tcpip.sys driver in Windows, inspired by CVE-2021-24086. It lacks actual exploit code but provides a technical reference to a detailed writeup on the vulnerability mechanics.

Classification
Writeup 80%
Attack Type
Dos
Complexity
Moderate
Reliability
Theoretical
Target: Microsoft Windows tcpip.sys driver
No auth needed
Prerequisites: Network access to target system · Ability to send crafted packets
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References

Scores

CVSS v3 7.5
EPSS 0.5896
EPSS Percentile 99.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (19)
microsoft/windows_10
microsoft/windows_10 20h2
microsoft/windows_10 1607
microsoft/windows_10 1803
microsoft/windows_10 1809
microsoft/windows_10 1909
microsoft/windows_10 2004
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
... and 9 more
Published Feb 25, 2021
Tracked Since Feb 18, 2026