CVE-2021-3446616.07.2021, 21:15Windows Hello Security Feature Bypass VulnerabilityEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTPrimary5.7 MEDIUMPHYSICALHIGHNONECVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NAwaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: UnknownWindows ReleasesPlatformVersionWindows 101809 (arm64, x64, x86)KB50042441909 (arm64, x64, x86)KB50042452004 (arm64, x64, x86)KB500423720H2 (arm64, x64, x86)KB500423721H1 (arm64, x64, x86)KB5004237Common Weakness EnumerationCWE-290 - Authentication Bypass by SpoofingThis attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.Referenceshttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34466https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34466