CVE-2021-26876

EUVD-2021-13660
OpenType Font Parsing Remote Code Execution Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
microsoftCNA
8.8 HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
Windows Releases
Platform
Version
Windows 10
1803 (arm64, x64, x86)
KB5000809
1809 (arm64, x64, x86)
KB5000822
1909 (arm64, x64, x86)
KB5000808
2004 (arm64, x64, x86)
KB5000802
20H2 (arm64, x64, x86)
KB5000802
Windows Server
1909 Server Core
KB5000808
2004 Server Core
KB5000802
20H2 Server Core
KB5000802
Windows Server 2019
Server Core
KB5000822
Standard
KB5000822
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26876
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26876