CVE-2021-40477

Description

Windows Event Tracing Elevation of Privilege Vulnerability

CVSS breakdown

Affected products

• Microsoft / windows_10_150710.0.10240.19086 – 10.0.10240.19086
• Microsoft / windows_10_150710.0.10240.19086 – 10.0.10240.19086
• Microsoft / windows_10_160710.0.14393.4704 – 10.0.14393.4704
• Microsoft / windows_10_160710.0.14393.4704 – 10.0.14393.4704
• Microsoft / windows_10_180910.0.19041.1288 – 10.0.19041.1288
• Microsoft / windows_10_180910.0.17763.2237 – 10.0.17763.2237
• Microsoft / windows_10_180910.0.17763.2237 – 10.0.17763.2237
• Microsoft / windows_10_180910.0.18363.1854 – 10.0.18363.1854
• Microsoft / windows_10_180910.0.17763.2237 – 10.0.17763.2237
• Microsoft / windows_10_190910.0.18363.1854 – 10.0.18363.1854
• Microsoft / windows_10_190910.0.18363.1854 – 10.0.18363.1854
• Microsoft / windows_10_20H210.0.19042.1288 – 10.0.19042.1288
• Microsoft / windows_10_20H210.0.19042.1288 – 10.0.19042.1288
• Microsoft / windows_10_21H110.0.19043.1288 – 10.0.19043.1288
• Microsoft / windows_10_21H110.0.19043.1288 – 10.0.19043.1288
• Microsoft / windows_10_21H110.0.19043.1288 – 10.0.19043.1288
• Microsoft / windows_11_21H210.0.22000.258 – 10.0.22000.258
• Microsoft / windows_11_21H210.0.22000.258 – 10.0.22000.258
• Microsoft / Windows 8.16.3.9600.20144 – 6.3.9600.20144
• Microsoft / Windows 8.16.3.9600.20144 – 6.3.9600.20144
• Microsoft / windows_rt_8.16.3.9600.20144 – 6.3.9600.20144
• Microsoft / windows_server_200410.0.19041.1288 – 10.0.19041.1288
• Microsoft / Windows Server 20126.2.9200.23490 – 6.2.9200.23490
• Microsoft / Windows Server 2012 R26.3.9600.20144 – 6.3.9600.20144
• Microsoft / Windows Server 201610.0.14393.4704 – 10.0.14393.4704
• Microsoft / Windows Server 201910.0.17763.2237 – 10.0.17763.2237
• Microsoft / Windows Server 202210.0.20348.288 – 10.0.20348.288
• Microsoft / windows_server_20H210.0.19042.1288 – 10.0.19042.1288

References

• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40477