CVE-2021-3862615.09.2021, 12:15Windows Kernel Elevation of Privilege VulnerabilityEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTPrimary7.8 HIGHLOCALLOWLOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HBase ScoreCVSS 3.xEPSS ScorePercentile: UnknownAffected Products (NVD)VendorProductVersionmicrosoftwindows_server_2008-𝑥= Vulnerable software versionsWindows ReleasesPlatformVersionWindows Server 2008Service Pack 2 (x64, x86)KB5005618Service Pack 2 Server Core (x64, x86)KB5005618Common Weakness EnumerationCWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Referenceshttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38626https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38626