Jul 2021: Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-31979 Published on July 14, 2021

Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability

NVD

Known Exploited Vulnerability

This Microsoft Windows Kernel Privilege Escalation Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Windows Kernel Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-33771, CVE-2021-34514.

The following remediation steps are recommended / required by November 17, 2021: Apply updates per vendor instructions.

Vulnerability Analysis

CVE-2021-31979 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. This vulnerability is known to be actively exploited by threat actors. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

What is a Buffer Overflow Vulnerability?

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

CVE-2021-31979 has been classified to as a Buffer Overflow vulnerability or weakness.


Products Associated with CVE-2021-31979

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-31979 are published in these products:

Microsoft Windows 10
 
Microsoft Windows 7
 
Microsoft Windows 8.1
 
Microsoft Windows Rt 8 1
 
Microsoft Windows Server 2008
 
Microsoft Windows Server 2012
 
Microsoft Windows Server 2016
 
Microsoft Windows Server 2019
 
Microsoft Windows 10 1909
 
Microsoft Windows 10 21h1
 
Microsoft Windows 10 2004
 
Microsoft Windows Server 2004
 
Microsoft Windows Server 20h2
 
Microsoft Windows 10 1507
 
Microsoft Windows Server 2008 Sp2
 
Microsoft Windows Server 2008 R2
 
Microsoft Windows Server 2012 R2
 

Affected Versions

Microsoft Windows 10 Version 1809: Microsoft Windows Server 2019: Microsoft Windows Server 2019 (Server Core installation): Microsoft Windows 10 Version 1909: Microsoft Windows 10 Version 21H1: Microsoft Windows 10 Version 2004: Microsoft Windows Server version 2004: Microsoft Windows 10 Version 20H2: Microsoft Windows Server version 20H2: Microsoft Windows 10 Version 1507: Microsoft Windows 10 Version 1607: Microsoft Windows Server 2016: Microsoft Windows Server 2016 (Server Core installation): Microsoft Windows 7: Microsoft Windows 7 Service Pack 1: Microsoft Windows 8.1: Microsoft Windows Server 2008 Service Pack 2: Microsoft Windows Server 2008 Service Pack 2 (Server Core installation): Microsoft Windows Server 2008 Service Pack 2: Microsoft Windows Server 2008 R2 Service Pack 1: Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation): Microsoft Windows Server 2012: Microsoft Windows Server 2012 (Server Core installation): Microsoft Windows Server 2012 R2: Microsoft Windows Server 2012 R2 (Server Core installation):

Exploit Probability

EPSS
12.47%
Percentile
93.76%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.