CVE-2022-21887Improper Privilege Management in Microsoft Windows 11 Version 21h2

CWE-269Improper Privilege ManagementCWE-787Out-of-bounds Write7 documents6 sources
Severity
7.0HIGHCNA
No vector
EPSS
0.5%
top 35.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Windows 11 Version 21h2Msrc Windows 11 Version 21h2 FOR Arm64-based SystemsMsrc Windows 11 Version 21h2 FOR X64-based Systems
Timeline
PublishedJan 11
Latest updateJan 12

Description

Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability

Affected Packages3 packages

CVEListV5microsoft/windows_11_version_21h210.0.010.0.22000.434

🔴Vulnerability Details

3
GHSA
GHSA-m3vx-53cf-jqv4: Win32k Elevation of Privilege Vulnerability2022-01-12
GHSA
GHSA-h585-m23x-h5c2: Win32k Elevation of Privilege Vulnerability2022-01-12
CVEList
Win32k Elevation of Privilege Vulnerability2022-01-11

📋Vendor Advisories

1
Microsoft
Win32k Elevation of Privilege Vulnerability2022-01-11

🕵️Threat Intelligence

3
Zscaler
Zscaler protects against 6 new vulnerabilities | 01-11-2022
Crowdstrike
January 2022 Patch Tuesday: Updates and Analysis
Threat Intel
UNC5330
CVE-2022-21887 — Improper Privilege Management | cvebase