CVE-2021-36957

HIGH7.8JSON export Create alert

Description

Windows Desktop Bridge Elevation of Privilege Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / windows_10_160710.0.14393.4770 – 10.0.14393.4770
Microsoft / windows_10_160710.0.14393.4770 – 10.0.14393.4770
Microsoft / windows_10_180910.0.17763.2300 – 10.0.17763.2300
Microsoft / windows_10_180910.0.17763.2300 – 10.0.17763.2300
Microsoft / windows_10_180910.0.18363.1916 – 10.0.18363.1916
Microsoft / windows_10_180910.0.19041.1348 – 10.0.19041.1348
Microsoft / windows_10_180910.0.17763.2300 – 10.0.17763.2300
Microsoft / windows_10_190910.0.18363.1916 – 10.0.18363.1916
Microsoft / windows_10_190910.0.18363.1916 – 10.0.18363.1916
Microsoft / windows_10_20H210.0.19042.1348 – 10.0.19042.1348
Microsoft / windows_10_20H210.0.19042.1348 – 10.0.19042.1348
Microsoft / windows_10_21H110.0.19043.1348 – 10.0.19043.1348
Microsoft / windows_10_21H110.0.19043.1348 – 10.0.19043.1348
Microsoft / windows_10_21H110.0.19043.1348 – 10.0.19043.1348
Microsoft / windows_11_21H210.0.22000.318 – 10.0.22000.318
Microsoft / windows_11_21H210.0.22000.318 – 10.0.22000.318
Microsoft / windows_server_200410.0.19041.1348 – 10.0.19041.1348
Microsoft / Windows Server 201610.0.14393.4770 – 10.0.14393.4770
Microsoft / Windows Server 201910.0.17763.2300 – 10.0.17763.2300
Microsoft / Windows Server 202210.0.20348.350 – 10.0.20348.350
Microsoft / windows_server_20H210.0.19041.1348 – 10.0.19041.1348

References

VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36957