CVE-2021-41357
Published 2021-10-13
Win32k Elevation of Privilege Vulnerability
Severity: HIGH 7.8
Flags: KEV, ITW
CISA Known Exploited Vulnerability, remediation due 2022-05-16
Exploited in the wild
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_version_2004 | >= 10.0.0 < 10.0.19041.1288 | 10.0.19041.1288 |
| microsoft | windows_10_version_20h2 | >= 10.0.0 < 10.0.19042.1288 | 10.0.19042.1288 |
| microsoft | windows_10_version_21h1 | >= 10.0.0 < 10.0.19043.1288 | 10.0.19043.1288 |
| microsoft | windows_11_version_21h2 | >= 10.0.0 < 10.0.22000.258 | 10.0.22000.258 |
| microsoft | windows_server_2022 | >= 10.0.0 < 10.0.20348.288 | 10.0.20348.288 |
| microsoft | windows_server_version_2004 | >= 10.0.0 < 10.0.19041.1288 | 10.0.19041.1288 |
| microsoft | windows_server_version_20h2 | >= 10.0.0 < 10.0.19042.1288 | 10.0.19042.1288 |
| msrc | windows_10_version_2004_for_32-bit_systems | — | — |
| msrc | windows_10_version_2004_for_arm64-based_systems | — | — |
| msrc | windows_10_version_2004_for_x64-based_systems | — | — |
| msrc | windows_10_version_20h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_20h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_21h1_for_32-bit_systems | — | — |
| msrc | windows_10_version_21h1_for_arm64-based_systems | — | — |
| msrc | windows_10_version_21h1_for_x64-based_systems | — | — |
| msrc | windows_11_version_21h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_server_2022 | — | — |
| msrc | windows_server_version_2004 | — | — |
| msrc | windows_server_version_20h2 | — | — |
CVSS provenance
cvelistv5: 7.8 HIGH
vulncheck: 7.8 HIGH
cisa: 7.8 HIGH
GHSA
GHSA-pph6-grp2-wvvw: Win32k Elevation of Privilege Vulnerability
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2021-41357 [HIGH] CWE-269
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-40449, CVE-2021-40450.
GHSA
GHSA-qjf4-g2gg-w6pq: Win32k Elevation of Privilege Vulnerability
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2021-40449 [HIGH] CWE-269
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-40450, CVE-2021-41357.
GHSA
GHSA-v7qc-rhmv-f6j4: Win32k Elevation of Privilege Vulnerability
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2021-40450 [HIGH] CWE-269
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-40449, CVE-2021-41357.
CVEList
cvelistv5·2021-10-13·CVSS 7.8
CVE-2021-41357 [HIGH] Win32k Elevation of Privilege Vulnerability
VulnCheck
vulncheck·2021·CVSS 7.8
CVE-2021-41357 [HIGH] Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Affected: Microsoft Win32k
Required Action: Apply updates per vendor instructions.
Exploitation References: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2022-05-16
CISA
cisa·2022-04-25·CVSS 7.8
CVE-2021-41357 [HIGH] Microsoft Win32k Privilege Escalation Vulnerability
Affected: Microsoft Win32k
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-41357
Remediation Due Date: 2022-05-16
Microsoft
vendor_msrc·2021-10-12·CVSS 7.8
CVE-2021-41357 [HIGH] Win32k Elevation of Privilege Vulnerability
Product: Windows Win32K
Vendor: Microsoft
Impact: Elevation of Privilege
Exploit Status (as assessed by MSRC on 2021-10-12): Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation More Likely; Older Software Release: Exploitation More Likely; DoS: N/A
Note that this "Exploited: No" status predates CISA's addition of the CVE to the Known Exploited Vulnerabilities catalog on 2022-04-25; treat the KEV listing as the current exploitation status.
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006670
Reference: https://support.microsoft.com/help/5006670
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006699
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006674
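The "Apply updates per vendor instructions" action above is only verifiable if you compare the host's build against the fixed-in builds in the Affected table. The following PowerShell function is an added example, not code from this page or from Microsoft: it reads CurrentBuildNumber and UBR from the registry, compares the UBR against the fixed-in value for that build from the table, and reports which of the three KBs referenced above Get-HotFix can see. The build-to-UBR mapping is from the table and the KB IDs are from the MSRC references; the function name, parameters and output fields are this example's own.

```powershell
# Added example for CVE-2021-41357; not from the page or from Microsoft.
# Fixed-in UBRs are taken from the Affected table, KB IDs from the MSRC
# references. Function and parameter names are this example's own.

function Test-Cve202141357Patched {
    [CmdletBinding()]
    param(
        # Defaults read the running host; pass both values to evaluate
        # a build from an inventory export without touching the registry.
        [int]$Build = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').CurrentBuildNumber,
        [int]$Ubr   = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').UBR
    )

    # Build number -> minimum UBR, i.e. 10.0.<Build>.<UBR> from the Affected table.
    $fixedUbr = @{
        19041 = 1288   # Windows 10 2004 / Windows Server, version 2004
        19042 = 1288   # Windows 10 20H2 / Windows Server, version 20H2
        19043 = 1288   # Windows 10 21H1
        20348 = 288    # Windows Server 2022
        22000 = 258    # Windows 11 21H2
    }

    # October 2021 update KBs listed in the MSRC references. Secondary evidence
    # only: a later cumulative update supersedes them and Get-HotFix will then
    # not list these IDs even though the host is patched.
    $octoberKBs = 'KB5006670', 'KB5006674', 'KB5006699'

    if (-not $fixedUbr.ContainsKey($Build)) {
        return [pscustomobject]@{
            Build   = "10.0.$Build.$Ubr"
            FixedIn = $null
            Status  = 'Unknown'
            KBsSeen = ''
            Detail  = 'Branch not in the Affected table; consult the vendor advisory for this build.'
        }
    }

    $needed = $fixedUbr[$Build]
    if ($Ubr -ge $needed) {
        $status = 'Patched'
        $detail = 'UBR is at or above the fixed-in build.'
    } else {
        $status = 'Vulnerable'
        $detail = 'UBR is below the fixed-in build; install the October 2021 cumulative update or any later one.'
    }

    # Query hotfixes only when evaluating the running host, so an offline
    # evaluation of another machine's build is not mixed with local KB data.
    $seenKBs = @()
    if (-not $PSBoundParameters.ContainsKey('Build')) {
        $seenKBs = @(Get-HotFix -ErrorAction SilentlyContinue |
                     Where-Object { $octoberKBs -contains $_.HotFixID } |
                     Select-Object -ExpandProperty HotFixID)
    }

    [pscustomobject]@{
        Build   = "10.0.$Build.$Ubr"
        FixedIn = "10.0.$Build.$needed"
        Status  = $status
        KBsSeen = ($seenKBs -join ', ')
        Detail  = $detail
    }
}

# Evaluate the running host:
Test-Cve202141357Patched | Format-List

# Evaluate a build offline, e.g. a Windows 10 21H1 host exported from inventory
# (constructed values; 1237 is below the table's fixed-in 1288, so this reports Vulnerable):
Test-Cve202141357Patched -Build 19043 -Ubr 1237 | Format-List
```

The build comparison is the authoritative check: cumulative updates are supersessive, so a host on 10.0.19043.1288 or higher is patched whether or not KB5006670 still appears in Get-HotFix. Builds outside the table (any branch not listed under Affected) come back as Unknown rather than Patched, because the table on this page does not state a fixed-in build for them.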
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday for Oct. 2021 — Snort rules and prominent vulnerabilities
blogs_talos·2021-10-12·CVSS 8.8
[HIGH] Microsoft Patch Tuesday for Oct. 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Asheer Malhotra.
Microsoft released its monthly security update Tuesday, disclosing 78 vulnerabilities in the company's various software, hardware and firmware offerings.
This month's release is particularly notable because there are only two critical vulnerabilities included, with the rest being important. This is the fewest number of critical vulnerabilities disclosed as part of a Patch Tuesday in at least a year.
CVE-2021-40461 is one of the critical vulnerabilities — a flaw in the Network Virtualization Service Provider that could allow an attacker to execute remote code on the target machine. This vulnerability has a severity rating of 9.9 out of a possible 10, virtually the highest severity rating seen in Patch Tuesdays.
The other critical
Crowdstrike
October 2021 Patch Tuesday: Updates and Analysis
blogs_crowdstrike·CVSS 7.5
Zscaler
Zscaler found Microsoft Windows vulnerabilities | 10-12-2021
blogs_zscaler·CVSS 7.8
2021-10-13: Published
2022-04-25: Added to CISA KEV
Exploited in the wild