CVE-2021-34516

moderate-risk

Published 2021-07-14

Win32k Elevation of Privilege Vulnerability

Do I need to act?

1.9% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (18)

Windows 10

Windows 7

Windows 8.1

Windows Rt 8.1

Windows Server 2008

Windows Server 2012

Windows Server 2016

Windows Server 2019

Affected Vendors

Microsoft

References (42)

Patch https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-3451...

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1004/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1005/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1006/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1007/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1008/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1009/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1010/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1011/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1012/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1013/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1014/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1015/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1016/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1017/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1018/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1019/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1020/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1021/

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-21-1022/

and 22 more references

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 5/34 · Minimal

Exposure 19/34 · Moderate