⚠ Actively exploited

Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2021-11-17. Required action: Apply updates per vendor instructions..

CVE-2021-28310 — Improper Privilege Management in Microsoft Windows 10 Version 1803

CWE-269 — Improper Privilege Management CWE-787 — Out-of-bounds Write11 documents9 sources

Severity

7.8HIGHCNA

No vector

EPSS

54.0%

top 1.99%

CISA KEV

KEV

Added 2021-11-03

Due 2021-11-17

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Windows 10 Version 1803 Microsoft Windows 10 Version 1809 Microsoft Windows 10 Version 1909 +5 more

Timeline

PublishedApr 13

KEV addedNov 3

KEV dueNov 17

Latest updateMay 24

CISA Required Action: Apply updates per vendor instructions.

Description

Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability

Affected Packages8 packages

▶CVEListV5microsoft/windows_server_201910.0.0 — publication

▶CVEListV5microsoft/windows_10_version_180310.0.0 — publication

▶CVEListV5microsoft/windows_10_version_180910.0.0 — publication

▶CVEListV5microsoft/windows_10_version_190910.0.0 — publication

▶CVEListV5microsoft/windows_10_version_200410.0.0 — publication

🔴Vulnerability Details

GHSA

GHSA-8mmc-r5c6-h963: Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-27072↗2022-05-24

▶

Project0

The More You Know, The More You Know You Don’t Know - Project Zero↗2022-04-01

▶

CVEList

Win32k Elevation of Privilege Vulnerability↗2021-04-13

▶

VulnCheck

Microsoft Win32k Privilege Escalation Vulnerability↗2021

▶

📋Vendor Advisories

CISA

Microsoft Win32k Privilege Escalation Vulnerability↗2021-11-03

▶

Microsoft

Win32k Elevation of Privilege Vulnerability↗2021-04-13

▶

🕵️Threat Intelligence

Qualys

April 2021 Patch Tuesday – 108 Vulnerabilities, 19 Critical, Adobe↗2021-04-14

▶

Qualys

April 2021 Patch Tuesday – 108 Vulnerabilities, 19 Critical, Adobe | Qualys↗2021-04-14

▶

Securelist

Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild↗2021-04-13

▶

Securelist

Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild↗2021-04-13

▶