CVE-2021-36958 — Microsoft Windows 10 Version 1507 vulnerability

9 documents6 sources

Severity

7.8HIGHNVD

EPSS

4.7%

top 10.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 10 Version 1507 Microsoft Windows 10 Version 1607 Microsoft Windows 10 Version 1809 +15 more

Timeline

PublishedAug 12

Latest updateMay 24

Description

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages18 packages

▶CVEListV5microsoft/windows_7_service_pack_16.1.0 — 6.1.7601.25712

▶CVEListV5microsoft/windows_server_2008_service_pack_26.0.0 — 6.0.6003.21218

▶CVEListV5microsoft/windows_server_2008_r2_service_pack_16.1.0 — 6.1.7601.25712+1

▶CVEListV5microsoft/windows_76.1.0 — 6.1.7601.25712

▶CVEListV5microsoft/windows_8.16.3.0 — 6.3.9600.20120

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-37q4-472r-ppmr: Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36936, CVE-2021-36947↗2022-05-24

▶

CVEList

Windows Print Spooler Remote Code Execution Vulnerability↗2021-08-12

▶

📋Vendor Advisories

Microsoft

Windows Print Spooler Remote Code Execution Vulnerability↗2021-08-10

▶