CVE-2021-33759
published 2021-07-14CVE-2021-33759: Windows Desktop Bridge Elevation of Privilege Vulnerability
PriorityP338high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.56%
42.2th percentile
Windows Desktop Bridge Elevation of Privilege Vulnerability
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1607 | >= 10.0.0 < 10.0.14393.4530 | 10.0.14393.4530 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.2061 | 10.0.17763.2061 |
| microsoft | windows_10_version_1909 | >= 10.0.0 < 10.0.18363.1679 | 10.0.18363.1679 |
| microsoft | windows_10_version_2004 | >= 10.0.0 < 10.0.19041.1110 | 10.0.19041.1110 |
| microsoft | windows_10_version_20h2 | >= 10.0.0 < 10.0.19042.1110 | 10.0.19042.1110 |
| microsoft | windows_10_version_21h1 | >= 10.0.0 < 10.0.19043.1110 | 10.0.19043.1110 |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | >= 10.0.0 < 10.0.14393.4530 | 10.0.14393.4530 |
| microsoft | windows_server_2019 | >= 10.0.0 < 10.0.17763.2061 | 10.0.17763.2061 |
| microsoft | windows_server_version_2004 | >= 10.0.0 < 10.0.19041.1110 | 10.0.19041.1110 |
| microsoft | windows_server_version_20h2 | >= 10.0.0 < 10.0.19042.1110 | 10.0.19042.1110 |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_1909 | — | — |
| msrc | windows_10_version_2004 | — | — |
| msrc | windows_10_version_20h2 | — | — |
| msrc | windows_10_version_21h1 | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Windows Desktop Bridge Elevation of Privilege Vulnerability
vendor_msrc·2021-07-13·CVSS 7.8
CVE-2021-33759 [HIGH] Windows Desktop Bridge Elevation of Privilege Vulnerability
Windows Desktop Bridge Elevation of Privilege Vulnerability
Windows Desktop Bridge: Windows Desktop Bridge
Microsoft: Microsoft
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244
Reference: https://support.microsoft.com/help/5004244
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004245
Reference: https://support.microsoft.com/help/5004245
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004237
Reference: https://support.microsoft.com/help/5004237
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB
GHSA
GHSA-55m3-6rgw-x533: Windows Desktop Bridge Elevation of Privilege Vulnerability
ghsa_unreviewed·2022-05-24
CVE-2021-33759 [HIGH] CWE-269 GHSA-55m3-6rgw-x533: Windows Desktop Bridge Elevation of Privilege Vulnerability
Windows Desktop Bridge Elevation of Privilege Vulnerability
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-07-14
Published