cbcvebase.
CVE-2021-27085
published 2021-03-11

CVE-2021-27085: Internet Explorer Remote Code Execution Vulnerability

PriorityP182high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2021-11-17
Exploited in the wild
EPSS
3.71%
88.4th percentile
Internet Explorer Remote Code Execution Vulnerability

Affected

18 ranges
VendorProductVersion rangeFixed in
microsoftinternet_explorer
microsoftinternet_explorer_11>= 1.0.0 < publicationpublication
msrcinternet_explorer_11_on_windows_10_version_1803_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1803_for_arm64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1803_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1809_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1809_for_arm64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1809_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1909_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_1909_for_arm64-based_systems
msrcinternet_explorer_11_on_windows_10_version_1909_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_2004_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_2004_for_arm64-based_systems
msrcinternet_explorer_11_on_windows_10_version_2004_for_x64-based_systems
msrcinternet_explorer_11_on_windows_10_version_20h2_for_32-bit_systems
msrcinternet_explorer_11_on_windows_10_version_20h2_for_arm64-based_systems
msrcinternet_explorer_11_on_windows_10_version_20h2_for_x64-based_systems
msrcinternet_explorer_11_on_windows_server_2019

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2021-27085 has been confirmed exploited in the wild (in-the-wild exploitation detected for both latest and older software releases of Internet Explorer)
  • ·The vulnerability is described as 'unspecified' — no technical details, exploit chain, payload, or specific vulnerable component beyond 'Internet Explorer' have been publicly disclosed in the available sources, limiting the ability to create precise detection signatures.
  • ·The exploit has NOT been publicly disclosed per Microsoft, meaning no public PoC or detailed write-up is available from these sources to derive further IOCs.

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
vulncheck8.8HIGH
cisa8.8HIGH
vendor_msrc8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.