CVE-2021-26900

EUVD-2021-13684
Windows Win32k Elevation of Privilege Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
7.8 HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Windows Releases
Platform
Version
Windows 10
1909 (arm64, x64, x86)
KB5000808
2004 (arm64, x64, x86)
KB5000802
20H2 (arm64, x64, x86)
KB5000802
Windows Server
1909 Server Core
KB5000808
2004 Server Core
KB5000802
20H2 Server Core
KB5000802
Common Weakness Enumeration
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26900
https://www.zerodayinitiative.com/advisories/ZDI-21-331/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26900
https://www.zerodayinitiative.com/advisories/ZDI-21-331/