CVE-2021-168112.01.2021, 20:15Windows WalletService Elevation of Privilege VulnerabilityEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTPrimary7.8 HIGHLOCALLOWLOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HmicrosoftCNA7.8 HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CBase ScoreCVSS 3.xEPSS ScorePercentile: UnknownAffected Products (NVD)VendorProductVersionmicrosoftwindows_10-𝑥= Vulnerable software versionsWindows ReleasesPlatformVersionWindows 10(x64, x86)KB45982311607 (x64, x86)KB45982431803 (arm64, x64, x86)KB45982451809 (arm64, x64, x86)KB45982301909 (arm64, x64, x86)KB45982292004 (arm64, x64, x86)KB459824220H2 (arm64, x86)KB4598242Common Weakness EnumerationCWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Referenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1681https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1681