CVE-2021-41342

EUVD-2021-28371
Windows MSHTML Platform Remote Code Execution Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
microsoftCNA
6.8 MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_11
-
microsoftwindows_11
-
microsoftwindows_7
-
microsoftwindows_8.1
-
microsoftwindows_rt_8.1
-
microsoftwindows_server_2008
-
microsoftwindows_server_2012
-
microsoftwindows_server_2016
-
microsoftwindows_server_2019
-
microsoftwindows_server_2022
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB5006675
1607 (x64, x86)
KB5006669
1809 (arm64, x64, x86)
KB5006672
1909 (arm64, x64, x86)
KB5006667
2004 (arm64, x64, x86)
KB5006670
20H2 (arm64, x86)
KB5006670
21H1 (arm64, x64, x86)
KB5006670
Windows 11
21H2 (arm64, x64)
KB5006674
Windows 7
Service Pack 1 (x64, x86)
KB5006743
Service Pack 1 (x64, x86)
KB5006671
Windows 8.1
(x64, x86)
KB5006671
(x64, x86)
KB5006714
Windows RT 8.1
All
KB5006714
Windows Server 2008
Service Pack 2 (x64, x86)
KB5006671
Service Pack 2 (x64, x86)
KB5006736
Windows Server 2008 R2
Service Pack 1 (x64)
KB5006743
Service Pack 1 (x64)
KB5006671
Windows Server 2012
Standard
KB5006671
Standard
KB5006739
Windows Server 2012 R2
Standard
KB5006671
Standard
KB5006714
Windows Server 2016
Standard
KB5006669
Windows Server 2019
Standard
KB5006672
Windows Server 2022
Standard
KB5006699
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41342
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41342