Microsoft's Security Patches for January 2021 Fix 83 Security Vulnerabilities
Overview
Microsoft released January 2021 security updates on Tuesday which fix 83 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Repository, ASP.NET core & .NET core, Azure Active Directory Pod Identity, Microsoft Bluetooth Driver, Microsoft DTV-DVD Video Decoder, Microsoft Edge (HTML-based), Microsoft Graphics Component, Microsoft Malware Protection Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft RPC, Microsoft Windows, Microsoft Windows Codecs Library, Microsoft Windows DNS, SQL Server, Visual Studio, Windows AppX Deployment Extensions, Windows CryptoAPI, Windows CSC Service, Windows Diagnostic Hub, Windows DP API, Windows Event Logging Service, Windows Event Tracing, Windows Hyper-V, Windows Installer, Windows Kernel, Windows Media, Windows NTLM, Windows Print Spooler Components, Windows Projected File System Filter Driver, Windows Remote Desktop, Windows Remote Procedure Call Runtime, Windows splwow64, Windows TPM Device Driver, Windows Update Stack, and Windows WalletService. Description of Critical and Important Vulnerabilities
Some critical and important vulnerabilities are described as follows:
@NSFOCUS 2021 http://www.nsfocus.com
Microsoft Defender Remote Code Execution Vulnerability (CVE-2021-1647)
This vulnerability was in the 0-day state and was found exploited in the wild. Its impact traces back to certain versions of Windows 2008. Remote attackers could exploit this vulnerability to execute arbitrary code on the computer. Microsoft indicated that users can protect against this vulnerability without additional update measures. The update for this vulnerability is part of updates released by Microsoft regularly for its anti-malware products.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1647
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2021-1707)
Microsoft SharePoint contains several important vulnerabilities. The most noteworthy vulnerability is CVE-2021-1707 which allows attackers, by taking advantage of the logged-in user that has proper privileges, to gain access to create SharePoint websites and remotely execute arbitrary code in the kernel.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1707
Windows Win32k Privilege Escalation Vulnerability (CVE-2021-1709)
The Win32k system process contains another important vulnerability (CVE-2021-1709) which requires no user interaction. Attackers could exploit this local computer for privilege escalation and execute other attacks with these privileges.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1709
Microsoft splwow64 Elevation of Privilege Vulnerability (CVE-2021-1648)
Before this vulnerability CVE-2021-1648 is discovered, researchers from ZDI and Google found the vulnerability CVE-2020-0986 and submitted it to Microsoftware. After the first round of remediation of this vulnerability, researchers found that patches introduced a new out- of-bounds read condition that can lead to privilege escalation. The two vulnerabilities are fixed in patches released in January. As the
@NSFOCUS 2021 http://www.nsfocus.com
vulnerability CVE-2021-1648 has been exploited in the wild, it is highly likely that this vulnerability CVE-2020-0986 has also been exploited in the wild too.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1648
The following table lists these vulnerabilities.
Product CVE ID CVE Title Severity
Bot Framework SDK Information .NET Repository CVE-2021-1725 Important Disclosure Vulnerability
ASP.NET Core and Visual Studio ASP.NET core & .NET core CVE-2021-1723 Important Denial-of-Service Vulnerability
Azure Active Directory Pod Azure Active Directory Pod Identity CVE-2021-1677 Important Identity Spoofing Vulnerability
Windows Bluetooth Security Microsoft Bluetooth Driver CVE-2021-1683 Important Feature Bypass Vulnerability
Windows Bluetooth Security Microsoft Bluetooth Driver CVE-2021-1684 Important Feature Bypass Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Windows Bluetooth Security Microsoft Bluetooth Driver CVE-2021-1638 Important Feature Bypass Vulnerability
Microsoft DTV-DVD Video Microsoft DTV-DVD Video Decoder CVE-2021-1668 Decoder Remote Code Execution Critical Vulnerability
Microsoft Edge (HTML-based) Microsoft Edge (HTML-based) CVE-2021-1705 Moderate Memory Corruption Vulnerability
GDI+ Remote Code Execution Microsoft Graphics Component CVE-2021-1665 Critical Vulnerability
Windows Graphics Component Microsoft Graphics Component CVE-2021-1696 Information Disclosure Important Vulnerability
Windows GDI+ Information Microsoft Graphics Component CVE-2021-1708 Important Disclosure Vulnerability
Windows Win32k Privilege Microsoft Graphics Component CVE-2021-1709 Important Escalation Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Microsoft Defender Remote Code Microsoft Malware Protection Engine CVE-2021-1647 Critical Execution Vulnerability
Microsoft Office Remote Code Microsoft Office CVE-2021-1711 Important Execution Vulnerability
Microsoft Excel Remote Code Microsoft Office CVE-2021-1713 Important Execution Vulnerability
Microsoft Excel Remote Code Microsoft Office CVE-2021-1714 Important Execution Vulnerability
Microsoft Word Remote Code Microsoft Office CVE-2021-1715 Important Execution Vulnerability
Microsoft Word Remote Code Microsoft Office CVE-2021-1716 Important Execution Vulnerability
Microsoft SharePoint Spoofing Microsoft Office SharePoint CVE-2021-1641 Important Vulnerability
Microsoft SharePoint Server Microsoft Office SharePoint CVE-2021-1707 Remote Code Execution Important Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Microsoft SharePoint Privilege Microsoft Office SharePoint CVE-2021-1712 Important Escalation Vulnerability
Microsoft SharePoint Server Microsoft Office SharePoint CVE-2021-1718 Important Tampering Vulnerability
Microsoft SharePoint Spoofing Microsoft Office SharePoint CVE-2021-1717 Important Vulnerability
Microsoft SharePoint Privilege Microsoft Office SharePoint CVE-2021-1719 Important Escalation Vulnerability
Windows Remote Procedure Call Microsoft RPC CVE-2021-1702 Runtime Privilege Escalation Important Vulnerability
Windows Fax Compose Form Microsoft Windows CVE-2021-1657 Remote Code Execution Important Vulnerability
Windows NT Lan Manager Datagram Receiver Driver Microsoft Windows CVE-2021-1676 Important Information Disclosure Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Windows Multipoint Management Microsoft Windows CVE-2021-1689 Important Privilege Escalation Vulnerability
Windows Runtime C++ Template Microsoft Windows CVE-2021-1650 Library Privilege Escalation Important Vulnerability
Active Template Library Privilege Microsoft Windows CVE-2021-1649 Important Escalation Vulnerability
Windows WLAN Service Privilege Microsoft Windows CVE-2021-1646 Important Escalation Vulnerability
Windows (modem.sys) Information Microsoft Windows CVE-2021-1699 Important Disclosure Vulnerability
Windows LUAFV Privilege Microsoft Windows CVE-2021-1706 Important Escalation Vulnerability
HEVC Video Extensions Remote Microsoft Windows Codecs Library CVE-2021-1644 Important Code Execution Vulnerability
HEVC Video Extensions Remote Microsoft Windows Codecs Library CVE-2021-1643 Critical Code Execution Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Windows DNS Query Information Microsoft Windows DNS CVE-2021-1637 Important Disclosure Vulnerability
Microsoft SQL Privilege Escalation SQL Server CVE-2021-1636 Important Vulnerability
Visual Studio Remote Code Visual Studio CVE-2020-26870 Important Execution Vulnerability
Windows AppX Deployment Windows AppX Deployment Extensions CVE-2021-1642 Extensions Privilege Escalation Important Vulnerability
Windows AppX Deployment Windows AppX Deployment Extensions CVE-2021-1685 Extensions Privilege Escalation Important Vulnerability
Windows CryptoAPI Denial-of- Windows CryptoAPI CVE-2021-1679 Important Service Vulnerability
Windows CSC Service Privilege Windows CSC Service CVE-2021-1652 Important Escalation Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Windows CSC Service Privilege Windows CSC Service CVE-2021-1653 Important Escalation Vulnerability
Windows CSC Service Privilege Windows CSC Service CVE-2021-1654 Important Escalation Vulnerability
Windows CSC Service Privilege Windows CSC Service CVE-2021-1655 Important Escalation Vulnerability
Windows CSC Service Privilege Windows CSC Service CVE-2021-1659 Important Escalation Vulnerability
Windows CSC Service Privilege Windows CSC Service CVE-2021-1688 Important Escalation Vulnerability
Windows CSC Service Privilege Windows CSC Service CVE-2021-1693 Important Escalation Vulnerability
Diagnostics Hub Standard Windows Diagnostic Hub CVE-2021-1651 Collector Privilege Escalation Important Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Diagnostics Hub Standard Windows Diagnostic Hub CVE-2021-1680 Collector Privilege Escalation Important Vulnerability
Windows Docker Information Windows DP API CVE-2021-1645 Important Disclosure Vulnerability
Windows Event Logging Service Windows Event Logging Service CVE-2021-1703 Important Privilege Escalation Vulnerability
Windows Event Tracing Privilege Windows Event Tracing CVE-2021-1662 Important Elevation Vulnerability
Windows Hyper-V Denial-of- Windows Hyper-V CVE-2021-1691 Important Service Vulnerability
Windows Hyper-V Denial-of- Windows Hyper-V CVE-2021-1692 Important Service Vulnerability
Windows Hyper-V Privilege Windows Hyper-V CVE-2021-1704 Important Elevation Vulnerability
Windows Installer Privilege Windows Installer CVE-2021-1661 Important Elevation Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Windows InstallService Privilege Windows Installer CVE-2021-1697 Important Elevation Vulnerability
Windows Kernel Privilege Windows Kernel CVE-2021-1682 Important Escalation Vulnerability
Microsoft Windows Media Windows Media CVE-2021-1710 Foundation Remote Code Important Execution Vulnerability
NTLM Security Feature Bypass Windows NTLM CVE-2021-1678 Important Vulnerability
Windows Print Spooler Privilege Windows Print Spooler Components CVE-2021-1695 Important Escalation Vulnerability
Windows Projected File System FS Windows Projected File System Filter Driver CVE-2021-1663 Filter Driver Information Important Disclosure Vulnerability
Windows Projected File System FS Windows Projected File System Filter Driver CVE-2021-1670 Filter Driver Information Important Disclosure Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Windows Projected File System FS Windows Projected File System Filter Driver CVE-2021-1672 Filter Driver Information Important Disclosure Vulnerability
Windows Remote Desktop Security Windows Remote Desktop CVE-2021-1669 Important Feature Bypass Vulnerability
Windows Remote Desktop Protocol Windows Remote Desktop CVE-2021-1674 Core Security Feature Bypass Important Vulnerability
Remote Procedure Call Runtime Windows Remote Procedure Call Runtime CVE-2021-1658 Remote Code Execution Critical Vulnerability
Remote Procedure Call Runtime Windows Remote Procedure Call Runtime CVE-2021-1660 Remote Code Execution Critical Vulnerability
Remote Procedure Call Runtime Windows Remote Procedure Call Runtime CVE-2021-1664 Remote Code Execution Important Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Remote Procedure Call Runtime Windows Remote Procedure Call Runtime CVE-2021-1666 Remote Code Execution Critical Vulnerability
Remote Procedure Call Runtime Windows Remote Procedure Call Runtime CVE-2021-1667 Remote Code Execution Critical Vulnerability
Remote Procedure Call Runtime Windows Remote Procedure Call Runtime CVE-2021-1671 Remote Code Execution Important Vulnerability
Remote Procedure Call Runtime Windows Remote Procedure Call Runtime CVE-2021-1673 Remote Code Execution Critical Vulnerability
Remote Procedure Call Runtime Windows Remote Procedure Call Runtime CVE-2021-1700 Remote Code Execution Important Vulnerability
Remote Procedure Call Runtime Windows Remote Procedure Call Runtime CVE-2021-1701 Remote Code Execution Important Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Microsoft splwow64 Privilege Windows splwow64 CVE-2021-1648 Important Escalation Vulnerability
TPM Device Driver Information Windows TPM Device Driver CVE-2021-1656 Important Disclosure Vulnerability
Windows Update Stack Privilege Windows Update Stack CVE-2021-1694 Important Escalation Vulnerability
Windows WalletService Privilege Windows WalletService CVE-2021-1681 Important Escalation Vulnerability
Windows WalletService Privilege Windows WalletService CVE-2021-1686 Important Escalation Vulnerability
Windows WalletService Privilege Windows WalletService CVE-2021-1687 Important Escalation Vulnerability
Windows WalletService Privilege Windows WalletService CVE-2021-1690 Important Escalation Vulnerability
@NSFOCUS 2021 http://www.nsfocus.com
Recommended Mitigation Measures
Microsoft has released security updates to fix these issues. Please download and install them as soon as possible.
Appendix
CVE-2020-26870 - Visual Studio Remote Code Execution Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE- CVE Title: Visual Studio Remote Code Execution Vulnerability 2020- Description: Remote Code 26870 Important Execution MITRE FAQ: NVD
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Why is a CVE that was issued by the MITRE Corporation in the Security Update Guide?
CVE-2020-26870 documents a vulnerability in Cure53 DOMPurify which is open source software used by Visual Studio. The documented Visual Studio updates incorporate the updates in Cure53 DOMPurify which address the vulnerability.
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2020-26870
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Microsoft Release Visual Base: 7 Notes Remote Studio 2017 Temporal: 6.1 Security Important Code Maybe version 15.9 Vector: Update Execution (includes CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0 - 15.8)
Release Microsoft Base: 7 Notes Remote Visual Temporal: 6.1 Security Important Code Maybe Studio 2019 Vector: Update Execution version 16.0 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Release Base: 7 Microsoft Notes Remote Temporal: 6.1 Visual Security Important Code Maybe Vector: Studio 2019 Update Execution CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C version 16.4
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2020-26870
(includes 16.0 - 16.3)
Release Microsoft Base: 7 Notes Remote Visual Temporal: 6.1 Security Important Code Maybe Studio 2019 Vector: Update Execution version 16.8 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Visual Release Base: 7 Studio 2019 Notes Remote Temporal: 6.1 version 16.7 Security Important Code Maybe Vector: (includes Update Execution CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0 – 16.6)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1636 - Microsoft SQL Elevation of Privilege Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
CVE Title: Microsoft SQL Elevation of Privilege Vulnerability Description:
FAQ:
There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL CVE- Server. How do I know which update to use? 2021- First, determine your SQL Server version number. For more information on determining Elevation of 1636 Important your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to Privilege MITRE determine the version, edition, and update level of SQL Server and its components. NVD Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.
Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
This security update also Update Apply if current Title includes servicing releases up number product version is… through…
Security update for SQL 15.0.2000.5 - KB 4517790 - Previous SQL19 4583458 Server 2019 RTM GDR: Jan 15.0.2070.41 RTM GDR 12, 2021
Security update for SQL 15.0.4003.23 - KB 4577194 – SQL19 RTM 4583459 Server 2019 RTM CU8: Jan 15.0.4073.23 CU8 12, 2021
Security update for SQL 14.0.1000.169 - KB4505224 - Previous SQL17 4583456 Server 2017 RTM GDR: Jan 14.0.2027.2 RTM GDR 12, 2021
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
Security update for SQL 14.0.3006.16 - KB4577467 – SQL17 RTM 4583457 Server 2017 RTM CU22: Jan 14.0.3356.20 CU22 12, 2021
Security update for SQL 13.0.5026.0 - KB4532097 - Previous SQL16 4583460 Server 2016 Service Pack 2 13.0.5102.14 SP2 GDR (GDR): Jan 12, 2021
Security update for SQL 13.0.5149.0 - KB4577775 – SQL16 SP2 4583461 Server 2016 Service Pack 2 13.0.5850.14 CU15 CU15: Jan 12, 2021
Security update for SQL 12.0.6024.0 - KB4532095 - Previous SQL14 4583463 Server 2014 Service Pack 3 12.0.6118.4 SP3 GDR (GDR): Jan 12, 2021
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
Security update for SQL 12.0.6205.1 - KB4535288 – SQL14 SP3 4583462 Server 2014 Service Pack 2 12.0.6372.1 CU4 CU4: Jan 12, 2021
Security update for SQL 11.0.7001.0 - KB4532098 – Previous 4583465 Server 2012 Service Pack 4 11.0.7493.4 SQL12 SP4 QFE (QFE): Jan 12, 2021
What are the GDR and CU update designations and how do they differ?
The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.
GDR updates – cumulatively only contain security updates for the given baseline.
CU updates – cumulatively contain all functional fixes and security updates for the given baseline.
For any given baseline, either the GDR or CU updates could be options (see below).
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.
Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.
Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?
Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.
Mitigations: None Workarounds:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1636
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1636
Microsoft SQL Server 4583465 Base: 8.8 Elevation 2012 for 32- Security Temporal: 7.7 Important of 4532098 Maybe bit Systems Update Vector: Privilege Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 4 (QFE)
Microsoft SQL Server 4583465 Base: 8.8 2012 for Elevation Security Temporal: 7.7 x64-based Important of 4532098 Maybe Update Vector: Systems Privilege CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack 4 (QFE)
Microsoft SQL Server 4583456 Base: 8.8 Elevation 2017 for Security Temporal: 7.7 Important of 4532098 Maybe x64-based Update Vector: Privilege Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C (GDR)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1636
Microsoft SQL Server 2014 4583463 Base: 8.8 Elevation Service Pack Security Temporal: 7.7 Important of 4532095 Maybe 3 for x64- Update Vector: Privilege based CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems (GDR)
Microsoft SQL Server 4583460 Base: 8.8 2016 for Elevation Security Temporal: 7.7 x64-based Important of 4532097 Maybe Update Vector: Systems Privilege CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack 2 (GDR)
Microsoft 4583463 Base: 8.8 Elevation SQL Server Security Temporal: 7.7 Important of 4532095 Maybe 2014 Update Vector: Privilege Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 3 for 32-bit
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1636
Systems (GDR)
Microsoft SQL Server 4583462 Base: 8.8 2014 Elevation Security Temporal: 7.7 Service Pack Important of 4535288 Maybe Update Vector: 3 for 32-bit Privilege CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems (CU 4)
Microsoft SQL Server 2014 4583462 Base: 8.8 Elevation Service Pack Security Temporal: 7.7 Important of 4535288 Maybe 3 for x64- Update Vector: Privilege based CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems (CU 4)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1636
Microsoft SQL Server 4583457 Base: 8.8 Elevation 2017 for Security Temporal: 7.7 Important of 4535288 Maybe x64-based Update Vector: Privilege Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C (CU 22)
Microsoft SQL Server 2016 4583461 Base: 8.8 Elevation Service Pack Security Temporal: 7.7 Important of 4535706 Maybe 2 for x64- Update Vector: Privilege based CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems (CU 15)
4583459 Base: 8.8 Microsoft Elevation Security Temporal: 7.7 SQL Server Important of 4535706 Maybe Update Vector: 2019 for Privilege x64-based CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1636
Systems (CU 8)
Microsoft SQL Server 4583458 Base: 8.8 Elevation 2019 for Security Temporal: 7.7 Important of 4535706 Maybe x64-based Update Vector: Privilege Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C (GDR)
CVE-2021-1637 - Windows DNS Query Information Disclosure Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE-2021- CVE Title: Windows DNS Query Information Disclosure Vulnerability 1637 Description: Information Important MITRE Disclosure NVD FAQ:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 4598245 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592446 Yes 1803 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598245 Base: 5.5 10 Version Security Information Temporal: 4.8 1803 for Important 4592446 Yes Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598245 Base: 5.5 1803 for Security Information Temporal: 4.8 Important 4592446 Yes ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637
Windows 4598230 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592440 Unknown 1809 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.5 10 Version Security Information Temporal: 4.8 1809 for Important 4592440 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598230 Base: 5.5 1809 for Security Information Temporal: 4.8 Important 4592440 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Information 4598230 Important 4592440 Base: 5.5 Unknown Server 2019 Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637
Update Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.5 Server 2019 Security Information Temporal: 4.8 (Server Important 4592440 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
Windows 4598229 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592449 Unknown 1909 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598229 Base: 5.5 10 Version Security Information Temporal: 4.8 1909 for Important 4592449 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637
Windows 10 Version 4598229 Base: 5.5 1909 for Security Information Temporal: 4.8 Important 4592449 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598229 Base: 5.5 version Security Information Temporal: 4.8 1909 Important 4592449 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592438 Unknown 2004 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637
Windows 10 Version 4598242 Base: 5.5 2004 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 2004 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 2004 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 5.5 20H2 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Information Windows 4598242 Important 4592438 Base: 5.5 Unknown Server, Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637 version Update Vector: 20H2 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C (Server Core Installation)
4598231 Base: 5.5 Windows Security Information Temporal: 4.8 10 for 32- Important 4592464 Yes Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598231 Base: 5.5 10 for x64- Security Information Temporal: 4.8 Important 4592464 Yes based Update Disclosure Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4593226 Unknown 1607 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637
Windows 4598243 Base: 5.5 10 Version Security Information Temporal: 4.8 1607 for Important 4593226 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
4598243 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4593226 Unknown Server 2016 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5.5 Server 2016 Security Information Temporal: 4.8 (Server Important 4593226 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
Base: 5.5 Windows 4598285 Information Temporal: 4.8 8.1 for 32- Monthly Important 4592484 Unknown Disclosure Vector: bit systems Rollup 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637
Security Only
4598285 Monthly Windows Base: 5.5 Rollup 8.1 for x64- Information Temporal: 4.8 4598275 Important 4592484 Unknown based Disclosure Vector: Security systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Base: 5.5 Windows Monthly Information Temporal: 4.8 Important 4592484 Unknown RT 8.1 Rollup Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598285 Base: 5.5 Windows Monthly Information Temporal: 4.8 Server 2012 Important 4592484 Unknown Rollup Disclosure Vector: R2 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1637
Only
4598285 Windows Monthly Base: 5.5 Server 2012 Rollup Information Temporal: 4.8 R2 (Server 4598275 Important 4592484 Unknown Disclosure Vector: Core Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
CVE-2021-1638 - Windows Bluetooth Security Feature Bypass Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows Bluetooth Security Feature Bypass Vulnerability CVE-2021-1638 Description: MITRE Important Security Feature Bypass NVD FAQ: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1638
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1638
Windows 10 4598242 Base: 7.7 Security Version 20H2 Security Temporal: 6.7 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.7 Security Version 20H2 Security Temporal: 6.7 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.7 Version 20H2 Security Security Temporal: 6.7 for ARM64- Important Feature 4592438 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.7 Server, Security Security Temporal: 6.7 version 20H2 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1638
Windows 10 4598245 Base: 7.7 Security Version 1803 Security Temporal: 6.7 Important Feature 4592446 Yes for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.7 Security Version 1803 Security Temporal: 6.7 Important Feature 4592446 Yes for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.7 Version 1803 Security Security Temporal: 6.7 for ARM64- Important Feature 4592446 Yes Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.7 Security Version 1809 Security Temporal: 6.7 Important Feature 4592440 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1638
Windows 10 4598230 Base: 7.7 Security Version 1809 Security Temporal: 6.7 Important Feature 4592440 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.7 Version 1809 Security Security Temporal: 6.7 for ARM64- Important Feature 4592440 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Systems
4598230 Base: 7.7 Security Windows Security Temporal: 6.7 Important Feature 4592440 Unknown Server 2019 Update Vector: Bypass CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 7.7 Security Server 2019 Security Temporal: 6.7 Important Feature 4592440 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1638
Windows 10 4598229 Base: 7.7 Security Version 1909 Security Temporal: 6.7 Important Feature 4592449 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.7 Security Version 1909 Security Temporal: 6.7 Important Feature 4592449 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.7 Version 1909 Security Security Temporal: 6.7 for ARM64- Important Feature 4592449 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.7 Server, Security Security Temporal: 6.7 version 1909 Important Feature 4592449 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1638
Windows 10 4598242 Base: 7.7 Security Version 2004 Security Temporal: 6.7 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.7 Version 2004 Security Security Temporal: 6.7 for ARM64- Important Feature 4592438 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.7 Security Version 2004 Security Temporal: 6.7 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Windows 4598242 Base: 7.7 Server, Security Security Temporal: 6.7 version 2004 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1641 - Microsoft SharePoint Spoofing Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Microsoft SharePoint Spoofing Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1641 None MITRE Important Spoofing Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1641
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Microsoft 4493163 Base: 4.6 SharePoint Security Temporal: 4 Important Spoofing 4486753 Maybe Enterprise Update Vector: Server 2016 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C
Microsoft 4493175 Base: 4.6 SharePoint Security Temporal: 4 Foundation Important Spoofing 4493138 Maybe Update Vector: 2013 Service CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C Pack 1
4493162 Base: 4.6 Microsoft Security Temporal: 4 SharePoint Important Spoofing 4486751 Maybe Update Vector: Server 2019 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1642 - Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1642 Elevation of None Important MITRE Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1642
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version Security Temporal: 6.8 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Elevation 4598242 Base: 7.8 Version Important of 4592438 Unknown Security Temporal: 6.8 20H2 for Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1642
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for x64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1642
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for x64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592440 Unknown Version 1809 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1642 based Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Elevation 4598229 Base: 7.8 Version 1909 Important of 4592449 Unknown Security Temporal: 6.8 for x64- Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1642 based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1642
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for x64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Elevation Windows 10 4598243 Important of 4593226 Base: 7.8 Unknown Version 1607 Security Privilege Temporal: 6.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1642 for 32-bit Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Version 1607 Elevation Security Temporal: 6.8 for x64- Important of 4593226 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1643 - HEVC Video Extensions Remote Code Execution Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability Description:
FAQ:
How do I get the updated app? CVE-2021- 1643 The Microsoft Store will automatically update affected customers. Alternatively, customers Remote Code Critical MITRE can get the update immediately; see here for details. Execution NVD It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.
My system is in a disconnected environment; is it vulnerable?
Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
How can I check if the update is installed?
If your device manufacturer preinstalled this app, package versions 1.0.33242.0 and later contain this update.
If you purchased this app from the Microsoft Store, package versions 1.0.33243.0 and later contain this update.
You can check the package version in PowerShell:
Get-AppxPackage -Name Microsoft.HEVCVideoExtension*
You can also check the package version by clicking the Start Menu > Settings > Apps > AV1 Video Extension > Advanced options
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1643
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Base: 7.8 HEVC Remote Temporal: 7 Video Critical Code Vector: Extensions Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1644 - HEVC Video Extensions Remote Code Execution Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability Description:
FAQ:
How do I get the updated app? CVE-2021- 1644 The Microsoft Store will automatically update affected customers. Alternatively, customers Remote Code Important MITRE can get the update immediately; see here for details. Execution NVD It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.
My system is in a disconnected environment; is it vulnerable?
Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
How can I check if the update is installed?
If your device manufacturer preinstalled this app, package versions 1.0.33242.0 and later contain this update.
If you purchased this app from the Microsoft Store, package versions 1.0.33243.0 and later contain this update.
You can check the package version in PowerShell:
Get-AppxPackage -Name Microsoft.HEVCVideoExtension*
You can also check the package version by clicking the Start Menu > Settings > Apps > AV1 Video Extension > Advanced options
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1644
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Base: 7.8 HEVC Remote Temporal: 6.8 Video Important Code Vector: Extensions Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1645 - Windows Docker Information Disclosure Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Windows Docker Information Disclosure Vulnerability Description:
FAQ:
What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is secret data encrypted with DP API can be decrypted. CVE- 2021-1645 Information Important MITRE Mitigations: Disclosure NVD None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1645
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows Server, 4598242 Base: 5 version Security Information Temporal: 4.4 20H2 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core Installation)
Windows 4598242 Base: 5 10 Version Security Information Temporal: 4.4 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1645
Windows 10 Version 4598242 Base: 5 20H2 for Security Information Temporal: 4.4 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5 10 Version Security Information Temporal: 4.4 20H2 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598230 Base: 5 10 Version Security Information Temporal: 4.4 Important 4592440 Unknown 1809 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Information Base: 5 10 Version Important 4592440 Unknown Security Disclosure Temporal: 4.4 1809 for
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1645 x64-based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 Version 4598230 Base: 5 1809 for Security Information Temporal: 4.4 Important 4592440 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
4598230 Base: 5 Windows Security Information Temporal: 4.4 Important 4592440 Unknown Server 2019 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5 Server 2019 Security Information Temporal: 4.4 (Server Important 4592440 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1645
Windows 4598229 Base: 5 10 Version Security Information Temporal: 4.4 Important 4592449 Unknown 1909 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598229 Base: 5 10 Version Security Information Temporal: 4.4 1909 for Important 4592449 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598229 Base: 5 1909 for Security Information Temporal: 4.4 Important 4592449 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598229 Information Base: 5 Server, Important 4592449 Unknown Security Disclosure Temporal: 4.4 version
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1645
1909 Update Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
Windows 4598242 Base: 5 10 Version Security Information Temporal: 4.4 Important 4592438 Unknown 2004 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 5 2004 for Security Information Temporal: 4.4 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
4598242 Base: 5 Windows Security Information Temporal: 4.4 Important 4592438 Unknown 10 Version Update Disclosure Vector: 2004 for CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1645 x64-based Systems
Windows Server, 4598242 Base: 5 version Security Information Temporal: 4.4 2004 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
Windows 4598243 Base: 5 10 Version Security Information Temporal: 4.4 Important 4593226 Unknown 1607 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5 10 Version Security Information Temporal: 4.4 1607 for Important 4593226 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1645
4598243 Base: 5 Windows Security Information Temporal: 4.4 Important 4593226 Unknown Server 2016 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5 Server 2016 Security Information Temporal: 4.4 (Server Important 4593226 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1646 - Windows WLAN Service Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows WLAN Service Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1646 None Important Elevation of Privilege MITRE Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1646
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 6.6 Version Elevation Security Temporal: 5.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 6.6 Elevation Version Security Temporal: 5.8 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Elevation 4598242 Base: 6.6 Server, Important of 4592438 Unknown Security Temporal: 5.8 version 20H2 Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1646
(Server Core Update Vector: Installation) CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 6.6 Elevation Version 1803 Security Temporal: 5.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 6.6 Elevation Version 1803 Security Temporal: 5.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 6.6 Version 1803 Elevation Security Temporal: 5.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1646
Windows 10 4598230 Base: 6.6 Elevation Version 1809 Security Temporal: 5.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 6.6 Elevation Version 1809 Security Temporal: 5.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 6.6 Version 1809 Elevation Security Temporal: 5.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 6.6 Elevation Windows Security Temporal: 5.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1646
Windows 4598230 Base: 6.6 Elevation Server 2019 Security Temporal: 5.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 6.6 Elevation Version 1909 Security Temporal: 5.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 6.6 Elevation Version 1909 Security Temporal: 5.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 6.6 Version 1909 Elevation Security Temporal: 5.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1646
Windows 4598229 Base: 6.6 Server, Elevation Security Temporal: 5.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 6.6 Elevation Version 2004 Security Temporal: 5.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 6.6 Version 2004 Elevation Security Temporal: 5.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 6.6 Elevation Version 2004 Security Temporal: 5.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1646
Windows 4598242 Base: 6.6 Server, Elevation Security Temporal: 5.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 Version 4598242 Base: 6.6 Elevation 20H2 for Security Temporal: 5.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
CVE Title: Microsoft Defender Remote Code Execution Vulnerability Description:
FAQ:
CVE- References Identification 2021- Remote Code 1647 Critical Last version of the Microsoft Malware Protection Engine affected by this Version Execution MITRE vulnerability 1.1.17600.5 NVD First version of the Microsoft Malware Protection Engine with this Version vulnerability addressed 1.1.17700.4
Why is no action required to install this update? In response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Microsoft Malware
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
Protection Engine. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner.
For enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Microsoft Malware Protection Engine are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating.
Best practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Microsoft Malware Protection Engine updates and malware definitions, is working as expected in their environment.
How often are the Microsoft Malware Protection Engine and malware definitions updated? Microsoft typically releases an update for the Microsoft Malware Protection Engine once a month or as needed to protect against new threats. Microsoft also typically updates the malware definitions three times daily and can increase the frequency when needed.
Depending on which Microsoft antimalware software is used and how it is configured, the software may search for engine and definition updates every day when connected to the Internet, up to multiple times daily. Customers can also choose to manually check for updates at any time.
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
What is the Microsoft Malware Protection Engine? The Microsoft Malware Protection Engine, mpengine.dll, provides the scanning, detection, and cleaning capabilities for Microsoft antivirus and antispyware software.
Does this update contain any additional security-related changes to functionality? Yes. In addition to the changes that are listed for this vulnerability, this update includes defense-in-depth updates to help improve security-related features.
Where can I find more information about Microsoft antimalware technology? For more information, visit the Microsoft Malware Protection Center website.
Suggested Actions Verify that the update is installed Customers should verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded and installed for their Microsoft antimalware products.
For more information on how to verify the version number for the Microsoft Malware Protection Engine that your software is currently using, see the section, "Verifying Update Installation", in Microsoft Knowledge Base Article 2510781.
For affected software, verify that the Microsoft Malware Protection Engine version is 1.1.17700.4 or later.
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
If necessary, install the update Administrators of enterprise antimalware deployments should ensure that their update management software is configured to automatically approve and distribute engine updates and new malware definitions. Enterprise administrators should also verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded, approved and deployed in their environment.
For end-users, the affected software provides built-in mechanisms for the automatic detection and deployment of this update. For these customers, the update will be applied within 48 hours of its availability. The exact time frame depends on the software used, Internet connection, and infrastructure configuration.
End users that do not wish to wait can manually update their antimalware software.
For more information on how to manually update the Microsoft Malware Protection Engine and malware definitions, refer to Microsoft Knowledge Base Article 2510781.
Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1647
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Remote Microsoft Critical Code Base: 7.8 System Center Execution Temporal: 7
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Endpoint Vector: Protection CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Microsoft Base: 7.8 System Center Remote Temporal: 7 2012 R2 Critical Code Vector: Endpoint Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Protection
Base: 7.8 Microsoft Remote Temporal: 7 Security Critical Code Vector: Essentials Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Microsoft Base: 7.8 Remote System Center Temporal: 7 Critical Code 2012 Endpoint Vector: Execution Protection CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1803 Vector: Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1803 Vector: Execution for x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1803 Vector: Execution for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C based Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1809 Vector: Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1809 Vector: Execution for x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1809 Vector: Execution for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C based Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Base: 7.8 Remote Defender on Temporal: 7 Critical Code Windows Vector: Execution Server 2019 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows Defender on Base: 7.8 Remote Windows Temporal: 7 Critical Code Server 2019 Vector: Execution (Server Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C installation)
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1909 Vector: Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1909 Vector: Execution for x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1909 Vector: Execution for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C based Systems
Windows Defender on Base: 7.8 Windows Remote Temporal: 7 Server, version Critical Code Vector: 1909 (Server Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 2004 Vector: Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 2004 Vector: Execution for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C based Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 2004 Vector: Execution for x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Defender on Base: 7.8 Windows Remote Temporal: 7 Server, version Critical Code Vector: 2004 (Server Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Core installation)
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 20H2 Vector: Execution for x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 20H2 Vector: Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 20H2 Vector: Execution for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C based Systems
Windows Defender on Base: 7.8 Windows Remote Temporal: 7 Server, version Critical Code Vector: 20H2 (Server Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Core Installation)
Windows Base: 7.8 Remote Defender on Temporal: 7 Critical Code Windows 10 for Vector: Execution 32-bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Base: 7.8 Defender on Remote Temporal: 7 Windows 10 for Critical Code Vector: x64-based Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1607 Vector: Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows Defender on Base: 7.8 Remote Windows 10 Temporal: 7 Critical Code Version 1607 Vector: Execution for x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Base: 7.8 Remote Defender on Temporal: 7 Critical Code Windows Vector: Execution Server 2016 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows Defender on Base: 7.8 Remote Windows Temporal: 7 Critical Code Server 2016 Vector: Execution (Server Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C installation)
Windows Base: 7.8 Defender on Remote Temporal: 7 Windows 7 for Critical Code Vector: 32-bit Systems Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Service Pack 1
Windows Remote Base: 7.8 Defender on Critical Code Temporal: 7 Windows 7 for Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647 x64-based Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Service Pack 1
Windows Base: 7.8 Defender on Remote Temporal: 7 Windows 8.1 Critical Code Vector: for 32-bit Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C systems
Windows Base: 7.8 Defender on Remote Temporal: 7 Windows 8.1 Critical Code Vector: for x64-based Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C systems
Windows Base: 7.8 Remote Defender on Temporal: 7 Critical Code Windows RT Vector: Execution 8.1 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Windows Defender on Base: 7.8 Remote Windows Temporal: 7 Critical Code Server 2008 for Vector: Execution 32-bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Service Pack 2
Windows Defender on Windows Base: 7.8 Remote Server 2008 for Temporal: 7 Critical Code 32-bit Systems Vector: Execution Service Pack 2 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C (Server Core installation)
Windows Base: 7.8 Remote Defender on Temporal: 7 Critical Code Windows Vector: Execution Server 2008 R2 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C for x64-based
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
Systems Service Pack 1
Windows Defender on Windows Base: 7.8 Server 2008 R2 Remote Temporal: 7 for x64-based Critical Code Vector: Systems Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Service Pack 1 (Server Core installation)
Windows Base: 7.8 Remote Defender on Temporal: 7 Critical Code Windows Vector: Execution Server 2012 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows Remote Defender on Critical Code Base: 7.8 Windows Execution Temporal: 7 Server 2012
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1647
(Server Core Vector: installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows Base: 7.8 Remote Defender on Temporal: 7 Critical Code Windows Vector: Execution Server 2012 R2 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows Defender on Base: 7.8 Remote Windows Temporal: 7 Critical Code Server 2012 R2 Vector: Execution (Server Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648 - Microsoft splwow64 Elevation of Privilege Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Microsoft splwow64 Elevation of Privilege Vulnerability Description:
FAQ:
What type of information could be disclosed by this vulnerability?
While this issue is labeled as an elevation of privilege, it can also be exploited to disclose CVE- information. The type of information that could be disclosed if an attacker successfully 2021-1648 exploited this vulnerability is uninitialized memory. Elevation of Important MITRE Privilege This CVE is marked as Publicly Disclosed. In what way was it made public? NVD This issue has been publicly disclosed by Google Project Zero (PZ2096) and the Zero Day Initiative (ZDI-CAN-11349 through 11351).
Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1648
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 7 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 7 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 7 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 7 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 7 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 7 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 7 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 7 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 7 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 7 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 7 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 7 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 7 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 7 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 7 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 7 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 7 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 7 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 7 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 7 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 7 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 7 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 7 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 7 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 7 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 7 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Only
4598278 Monthly Windows Base: 7.8 Rollup Elevation Server 2012 Temporal: 7 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648
4598285 Monthly Base: 7.8 Windows Rollup Elevation Temporal: 7 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 7 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C installation) Only
Windows 10 4598242 Base: 7.8 Version Elevation Security Temporal: 7 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1648
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 7 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Installation)
Windows 10 4598242 Base: 7.8 Elevation Version Security Temporal: 7 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Windows 10 Version 4598242 Base: 7.8 Elevation 20H2 for Security Temporal: 7 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649 - Active Template Library Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Active Template Library Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1649 None Important Elevation of Privilege MITRE Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1649
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598245 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592446 Yes Version 1803 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649 based Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592438 Unknown Version 2004 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649 based Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.8 for 32-bit Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 7.8 Monthly Elevation Server 2008 Temporal: 6.8 Rollup Important of 4592498 Unknown for x64-based Vector: 4598287 Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Elevation Windows Monthly Important of 4592468 Base: 7.8 Unknown Server 2012 Rollup Privilege Temporal: 6.8 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
(Server Core Security Vector: installation) Only CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows Rollup Elevation Temporal: 6.8 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1649
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650 - Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows Runtime C++ Template Library Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1650 Elevation of None Important MITRE Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1650
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for x64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Elevation 4598245 Base: 7.8 Version 1803 Important of 4592446 Yes Security Temporal: 6.8 for ARM64- Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650 based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for x64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for x64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592438 Unknown Version 2004 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650 based Systems
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for x64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650
Windows 10 4598231 Base: 7.8 Elevation for x64- Security Temporal: 6.8 Important of 4592464 Yes based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Version 1607 Elevation Security Temporal: 6.8 for x64- Important of 4593226 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Windows 8.1 Base: 7.8 Rollup Elevation for x64- Temporal: 6.8 4598275 Important of 4592484 Unknown based Vector: Security Privilege systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 7.8 Rollup Elevation Server 2012 Temporal: 6.8 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650
4598285 Monthly Base: 7.8 Windows Rollup Elevation Temporal: 6.8 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
Windows 10 4598242 Base: 7.8 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1650
Windows 10 4598242 Base: 7.8 Elevation Version Security Temporal: 6.8 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 Version 4598242 Base: 7.8 Elevation 20H2 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1651 - Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1651 Elevation of None Important MITRE Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1651
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version Security Temporal: 6.8 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Elevation 4598242 Base: 7.8 Version Important of 4592438 Unknown Security Temporal: 6.8 20H2 for Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1651
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1651
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1651
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1651
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592438 Unknown Version 2004 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1651 based Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1651
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Release Microsoft Base: 7.8 Notes Elevation Visual Studio Temporal: 6.8 Security Important of 4593226 Maybe 2019 version Vector: Update Privilege 16.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1651
Microsoft Release Visual Studio Base: 7.8 Notes Elevation 2017 version Temporal: 6.8 Security Important of 4593226 Maybe 15.9 Vector: Update Privilege (includes CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0 - 15.8)
Release Microsoft Base: 7.8 Notes Elevation Visual Studio Temporal: 6.8 Security Important of 4593226 Maybe 2019 version Vector: Update Privilege 16.0 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Release Visual Studio Base: 7.8 Notes Elevation 2019 version Temporal: 6.8 Security Important of 4593226 Maybe 16.4 Vector: Update Privilege (includes CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0 - 16.3)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1651
Microsoft Visual Studio Release Base: 7.8 2019 version Notes Elevation Temporal: 6.8 16.7 Security Important of 4593226 Maybe Vector: (includes Update Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0 – 16.6)
Microsoft 4584787 Base: 7.8 Elevation Visual Studio Security Temporal: 6.8 Important of 4576950 Maybe 2015 Update Update Vector: Privilege 3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652 - Windows CSC Service Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows CSC Service Elevation of Privilege Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1652 None MITRE Important Elevation of Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 7 4598279 Base: 7.8 for 32-bit Elevation Monthly Temporal: 6.8 Systems Important of 4592471 Unknown Rollup Vector: Service Pack Privilege 4598289 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for x64-based Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Base: 7.8 Elevation Server 2008 Monthly Temporal: 6.8 Important of 4592498 Unknown for x64-based Rollup Vector: Privilege Systems 4598287 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
2 (Server Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 7.8 Rollup Elevation Server 2012 Temporal: 6.8 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Windows Elevation Monthly Temporal: 6.8 Server 2012 Important of 4592484 Unknown Rollup Vector: R2 Privilege 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1652
Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
CVE-2021-1653 - Windows CSC Service Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows CSC Service Elevation of Privilege Vulnerability CVE-2021-1653 Description: MITRE Important Elevation of Privilege NVD FAQ: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1653
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.8 for 32-bit Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
Windows 7 4598279 Elevation Base: 7.8 for x64-based Monthly Important of 4592471 Unknown Temporal: 6.8 Systems Rollup Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
Service Pack 4598289 Vector: 1 Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for x64-based Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Base: 7.8 Elevation Server 2008 Monthly Temporal: 6.8 Important of 4592471 Unknown R2 for x64- Rollup Vector: Privilege based 4598289 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
Service Pack Only 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
4598278 Monthly Windows Base: 7.8 Rollup Elevation Server 2012 Temporal: 6.8 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows Rollup Elevation Temporal: 6.8 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
Windows 4598285 Base: 7.8 Server 2012 Elevation Monthly Temporal: 6.8 R2 (Server Important of 4592484 Unknown Rollup Vector: Core Privilege 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1653
Only
CVE-2021-1654 - Windows CSC Service Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows CSC Service Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021-1654 Mitigations: MITRE None Important Elevation of Privilege NVD Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1654
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592438 Unknown Version 2004 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654 based Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.8 for 32-bit Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 7.8 Monthly Elevation Server 2008 Temporal: 6.8 Rollup Important of 4592498 Unknown for x64-based Vector: 4598287 Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Elevation Windows Monthly Important of 4592468 Base: 7.8 Unknown Server 2012 Rollup Privilege Temporal: 6.8 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1654
(Server Core Security Vector: installation) Only CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows Rollup Elevation Temporal: 6.8 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655 - Windows CSC Service Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows CSC Service Elevation of Privilege Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1655 None MITRE Important Elevation of Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 7 4598279 Base: 7.8 for 32-bit Elevation Monthly Temporal: 6.8 Systems Important of 4592471 Unknown Rollup Vector: Service Pack Privilege 4598289 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for x64-based Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Base: 7.8 Elevation Server 2008 Monthly Temporal: 6.8 Important of 4592498 Unknown for x64-based Rollup Vector: Privilege Systems 4598287 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
2 (Server Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 7.8 Rollup Elevation Server 2012 Temporal: 6.8 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Windows Elevation Monthly Temporal: 6.8 Server 2012 Important of 4592484 Unknown Rollup Vector: R2 Privilege 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1655
Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
CVE-2021-1656 - TPM Device Driver Information Disclosure Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE- CVE Title: TPM Device Driver Information Disclosure Vulnerability 2021-1656 Description: Information Important MITRE Disclosure NVD FAQ:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory.
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 5.5 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 5.5 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 5.5 20H2 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 20H2 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core Installation)
Windows 10 4598245 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592446 Yes 1803 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598245 Base: 5.5 Version Security Information Temporal: 4.8 1803 for Important 4592446 Yes Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Information Windows 10 4598245 Important 4592446 Base: 5.5 Yes Version Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656
1803 for Update Vector: ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C based Systems
Windows 10 4598230 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592440 Unknown 1809 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598230 Base: 5.5 Version Security Information Temporal: 4.8 1809 for Important 4592440 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 5.5 Security Information Temporal: 4.8 Version Important 4592440 Unknown 1809 for Update Disclosure Vector: ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656 based Systems
4598230 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4592440 Unknown Server 2019 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.5 Server 2019 Security Information Temporal: 4.8 (Server Important 4592440 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
Windows 10 4598229 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592449 Unknown 1909 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Information Base: 5.5 Version Important 4592449 Unknown Security Disclosure Temporal: 4.8 1909 for
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656 x64-based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 Version 4598229 Base: 5.5 1909 for Security Information Temporal: 4.8 Important 4592449 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598229 Base: 5.5 version Security Information Temporal: 4.8 1909 Important 4592449 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
Information Windows 10 4598242 Important 4592438 Base: 5.5 Unknown Version Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656
2004 for 32- Update Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 5.5 2004 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 5.5 Version Security Information Temporal: 4.8 2004 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 Server, Security Information Temporal: 4.8 Important 4592438 Unknown version Update Disclosure Vector: 2004 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C (Server
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656
Core installation)
4598231 Base: 5.5 Windows 10 Security Information Temporal: 4.8 for 32-bit Important 4592464 Yes Update Disclosure Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598231 Base: 5.5 for x64- Security Information Temporal: 4.8 Important 4592464 Yes based Update Disclosure Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Base: 5.5 Version Security Information Temporal: 4.8 Important 4593226 Unknown 1607 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Information Base: 5.5 Version Important 4593226 Unknown Security Disclosure Temporal: 4.8 1607 for
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656 x64-based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598243 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4593226 Unknown Server 2016 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5.5 Server 2016 Security Information Temporal: 4.8 (Server Important 4593226 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
4598279 Windows 7 Monthly Base: 5.5 for 32-bit Rollup Information Temporal: 4.8 Systems 4598289 Important 4592471 Unknown Disclosure Vector: Service Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Pack 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656
4598279 Windows 7 Monthly for x64- Base: 5.5 Rollup based Information Temporal: 4.8 4598289 Important 4592471 Unknown Systems Disclosure Vector: Security Service CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only Pack 1
4598285 Monthly Base: 5.5 Windows Rollup Information Temporal: 4.8 8.1 for 32- 4598275 Important 4592484 Unknown Disclosure Vector: bit systems Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
Windows 4598285 Base: 5.5 8.1 for x64- Monthly Information Temporal: 4.8 Important 4592484 Unknown based Rollup Disclosure Vector: systems 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656
Only
4598285 Base: 5.5 Windows Monthly Information Temporal: 4.8 Important 4592484 Unknown RT 8.1 Rollup Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598279 Server 2008 Monthly Base: 5.5 R2 for x64- Rollup Information Temporal: 4.8 based 4598289 Important 4592471 Unknown Disclosure Vector: Systems Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Service Only Pack 1
Windows 4598279 Server 2008 Base: 5.5 Monthly R2 for x64- Information Temporal: 4.8 Rollup Important 4592471 Unknown based Disclosure Vector: 4598289 Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Security Service
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656
Pack 1 Only (Server Core installation)
4598278 Monthly Base: 5.5 Rollup Windows Information Temporal: 4.8 4598297 Important 4592468 Unknown Server 2012 Disclosure Vector: Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598278 Windows Monthly Base: 5.5 Server 2012 Rollup Information Temporal: 4.8 (Server 4598297 Important 4592468 Unknown Disclosure Vector: Core Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1656
4598285 Monthly Base: 5.5 Windows Rollup Information Temporal: 4.8 Server 2012 4598275 Important 4592484 Unknown Disclosure Vector: R2 Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 5.5 Server 2012 Rollup Information Temporal: 4.8 R2 (Server 4598275 Important 4592484 Unknown Disclosure Vector: Core Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657 - Windows Fax Compose Form Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Windows Fax Compose Form Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1657 Remote Code None Important MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1657
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Version Remote Security Temporal: 6.8 20H2 for Important Code 4592438 Unknown Update Vector: x64-based Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Remote Version Security Temporal: 6.8 Important Code 4592438 Unknown 20H2 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Remote 4598242 Base: 7.8 Version Important Code 4592438 Unknown Security Temporal: 6.8 20H2 for Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Remote Security Temporal: 6.8 version 20H2 Important Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Remote Version 1803 Security Temporal: 6.8 Important Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Remote Version 1803 Security Temporal: 6.8 Important Code 4592446 Yes for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
Windows 10 4598245 Base: 7.8 Version 1803 Remote Security Temporal: 6.8 for ARM64- Important Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Remote Version 1809 Security Temporal: 6.8 Important Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Remote Version 1809 Security Temporal: 6.8 Important Code 4592440 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Remote Security Temporal: 6.8 for ARM64- Important Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
4598230 Base: 7.8 Remote Windows Security Temporal: 6.8 Important Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Remote Server 2019 Security Temporal: 6.8 Important Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Remote Version 1909 Security Temporal: 6.8 Important Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Remote Version 1909 Security Temporal: 6.8 Important Code 4592449 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
Windows 10 4598229 Base: 7.8 Version 1909 Remote Security Temporal: 6.8 for ARM64- Important Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Remote Security Temporal: 6.8 version 1909 Important Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Remote Version 2004 Security Temporal: 6.8 Important Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Remote Windows 10 Security Temporal: 6.8 Important Code 4592438 Unknown Version 2004 Update Vector: Execution for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657 based Systems
Windows 10 4598242 Base: 7.8 Remote Version 2004 Security Temporal: 6.8 Important Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Remote Security Temporal: 6.8 version 2004 Important Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Remote Security Temporal: 6.8 for 32-bit Important Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
4598231 Base: 7.8 Windows 10 Remote Security Temporal: 6.8 for x64-based Important Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Remote Version 1607 Security Temporal: 6.8 Important Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Remote Version 1607 Security Temporal: 6.8 Important Code 4593226 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Remote Windows Security Temporal: 6.8 Important Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
Windows 4598243 Base: 7.8 Remote Server 2016 Security Temporal: 6.8 Important Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.8 for 32-bit Rollup Remote Temporal: 6.8 Systems 4598289 Important Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Remote Temporal: 6.8 Systems 4598289 Important Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Remote Temporal: 6.8 for 32-bit 4598275 Important Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Remote Temporal: 6.8 for x64-based 4598275 Important Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Remote Windows RT Monthly Temporal: 6.8 Important Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Remote for 32-bit Temporal: 6.8 4598287 Important Code 4592498 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Remote Systems Temporal: 6.8 4598287 Important Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 7.8 Monthly Remote Server 2008 Temporal: 6.8 Rollup Important Code 4592498 Unknown for x64-based Vector: 4598287 Execution Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.8 Rollup Remote Systems Temporal: 6.8 4598287 Important Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Remote Temporal: 6.8 based 4598289 Important Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Remote Temporal: 6.8 Systems 4598289 Important Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.8 Rollup Remote Windows Temporal: 6.8 4598297 Important Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Remote Windows Monthly Important Code 4592468 Base: 7.8 Unknown Server 2012 Rollup Execution Temporal: 6.8 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1657
(Server Core Security Vector: installation) Only CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows Rollup Remote Temporal: 6.8 Server 2012 4598275 Important Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Remote Temporal: 6.8 R2 (Server 4598275 Important Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1658 Remote Code None Critical MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1658
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 20H2 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658 based Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 20H2 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
4598230 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 8.8 Remote Server 2019 Security Temporal: 7.7 Critical Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 8.8 Server, Remote Security Temporal: 7.7 version 1909 Critical Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 2004 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658 based Systems
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 2004 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for 32-bit Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for x64-based Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
Windows 4598243 Base: 8.8 Remote Server 2016 Security Temporal: 7.7 Critical Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 8.8 for 32-bit Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 8.8 for x64-based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for 32-bit 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for x64-based 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 8.8 Remote Windows RT Monthly Temporal: 7.7 Critical Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
4598288 Windows Monthly Server 2008 Base: 8.8 Rollup Remote for 32-bit Temporal: 7.7 4598287 Critical Code 4592498 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 8.8 Monthly Remote Server 2008 Temporal: 7.7 Rollup Critical Code 4592498 Unknown for x64-based Vector: 4598287 Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 8.8 R2 for x64- Rollup Remote Temporal: 7.7 based 4598289 Critical Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
Windows Server 2008 4598279 R2 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 8.8 Rollup Remote Windows Temporal: 7.7 4598297 Critical Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Remote Windows Monthly Critical Code 4592468 Base: 8.8 Unknown Server 2012 Rollup Execution Temporal: 7.7 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1658
(Server Core Security Vector: installation) Only CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 8.8 Windows Rollup Remote Temporal: 7.7 Server 2012 4598275 Critical Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 8.8 Server 2012 Rollup Remote Temporal: 7.7 R2 (Server 4598275 Critical Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659 - Windows CSC Service Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows CSC Service Elevation of Privilege Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1659 None MITRE Important Elevation of Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 7 4598279 Base: 7.8 for 32-bit Elevation Monthly Temporal: 6.8 Systems Important of 4592471 Unknown Rollup Vector: Service Pack Privilege 4598289 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for x64-based Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Base: 7.8 Elevation Server 2008 Monthly Temporal: 6.8 Important of 4592498 Unknown for x64-based Rollup Vector: Privilege Systems 4598287 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
2 (Server Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 7.8 Rollup Elevation Server 2012 Temporal: 6.8 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Windows Elevation Monthly Temporal: 6.8 Server 2012 Important of 4592484 Unknown Rollup Vector: R2 Privilege 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1659
Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1660 Remote Code None Critical MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1660
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 20H2 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660 based Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 20H2 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
4598230 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 8.8 Remote Server 2019 Security Temporal: 7.7 Critical Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 8.8 Server, Remote Security Temporal: 7.7 version 1909 Critical Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 2004 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660 based Systems
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 2004 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for 32-bit Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for x64-based Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
Windows 4598243 Base: 8.8 Remote Server 2016 Security Temporal: 7.7 Critical Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 8.8 for 32-bit Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 8.8 for x64-based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for 32-bit 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for x64-based 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 8.8 Remote Windows RT Monthly Temporal: 7.7 Critical Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
4598288 Windows Monthly Server 2008 Base: 8.8 Rollup Remote for 32-bit Temporal: 7.7 4598287 Critical Code 4592498 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 8.8 Monthly Remote Server 2008 Temporal: 7.7 Rollup Critical Code 4592498 Unknown for x64-based Vector: 4598287 Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 8.8 R2 for x64- Rollup Remote Temporal: 7.7 based 4598289 Critical Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
Windows Server 2008 4598279 R2 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 8.8 Rollup Remote Windows Temporal: 7.7 4598297 Critical Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Remote Windows Monthly Critical Code 4592468 Base: 8.8 Unknown Server 2012 Rollup Execution Temporal: 7.7 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1660
(Server Core Security Vector: installation) Only CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 8.8 Windows Rollup Remote Temporal: 7.7 Server 2012 4598275 Critical Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 8.8 Server 2012 Rollup Remote Temporal: 7.7 R2 (Server 4598275 Critical Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661 - Windows Installer Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows Installer Elevation of Privilege Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1661 None MITRE Important Elevation of Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 7 4598279 Base: 7.8 for 32-bit Elevation Monthly Temporal: 6.8 Systems Important of 4592471 Unknown Rollup Vector: Service Pack Privilege 4598289 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for x64-based Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Base: 7.8 Elevation Server 2008 Monthly Temporal: 6.8 Important of 4592498 Unknown for x64-based Rollup Vector: Privilege Systems 4598287 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
2 (Server Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 7.8 Rollup Elevation Server 2012 Temporal: 6.8 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Windows Elevation Monthly Temporal: 6.8 Server 2012 Important of 4592484 Unknown Rollup Vector: R2 Privilege 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1661
Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
CVE-2021-1662 - Windows Event Tracing Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows Event Tracing Elevation of Privilege Vulnerability CVE-2021-1662 Description: MITRE Important Elevation of Privilege NVD FAQ: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1662
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1662
Windows 10 4598242 Base: 7.8 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version Security Temporal: 6.8 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7.8 Elevation 20H2 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows Elevation 4598242 Base: 7.8 Server, Important of 4592438 Unknown Security Temporal: 6.8 version 20H2 Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1662
(Server Core Update Vector: Installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for x64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1662
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for x64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1662
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for x64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1662
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598242 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592438 Unknown Version 2004 Update Vector: Privilege for x64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1662 based Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
CVE-2021-1663 - Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Windows Projected File System FS Filter Driver Information Disclosure CVE- Information Vulnerability Important 2021-1663 Disclosure Description:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
MITRE NVD FAQ:
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory.
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1663
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Information Windows 4598242 Important 4592438 Base: 5.5 Unknown 10 Version Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1663
20H2 for Update Vector: ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C based Systems
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 20H2 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core Installation)
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592438 Unknown 2004 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows Information 10 Version 4598242 Important 4592438 Base: 5.5 Unknown 2004 for Security Disclosure Temporal: 4.8 ARM64-
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1663 based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 2004 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 2004 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1664 Remote Code None Important MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1664
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 8.8 Version Remote Security Temporal: 7.7 20H2 for Important Code 4592438 Unknown Update Vector: x64-based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 8.8 Remote Version Security Temporal: 7.7 Important Code 4592438 Unknown 20H2 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Remote 4598242 Base: 8.8 Version Important Code 4592438 Unknown Security Temporal: 7.7 20H2 for Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
ARM64- Update Vector: based CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 20H2 Important Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Important Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for x64- Important Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for ARM64- Important Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Important Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for x64- Important Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Important Code 4592440 Unknown Version 1809 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664 based Systems
4598230 Base: 8.8 Remote Windows Security Temporal: 7.7 Important Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 8.8 Remote Server 2019 Security Temporal: 7.7 Important Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Important Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Remote 4598229 Base: 8.8 Version 1909 Important Code 4592449 Unknown Security Temporal: 7.7 for x64- Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664 based Update Vector: Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for ARM64- Important Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 8.8 Server, Remote Security Temporal: 7.7 version 1909 Important Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Important Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
Windows 10 4598242 Base: 8.8 Version 2004 Remote Security Temporal: 7.7 for ARM64- Important Code 4592438 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 8.8 Version 2004 Remote Security Temporal: 7.7 for x64- Important Code 4592438 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 2004 Important Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 Remote for 32-bit 4598231 Important Code 4592464 Base: 8.8 Yes Systems Security Execution Temporal: 7.7
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
Update Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598231 Base: 8.8 Remote for x64- Security Temporal: 7.7 Important Code 4592464 Yes based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Important Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Version 1607 Remote Security Temporal: 7.7 for x64- Important Code 4593226 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
4598243 Base: 8.8 Remote Windows Security Temporal: 7.7 Important Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 8.8 Remote Server 2016 Security Temporal: 7.7 Important Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 8.8 for 32-bit Rollup Remote Temporal: 7.7 Systems 4598289 Important Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
Windows 7 4598279 Remote Base: 8.8 for x64- Monthly Important Code 4592471 Unknown Temporal: 7.7 based Rollup Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
Systems 4598289 Vector: Service Pack Security CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for 32-bit 4598275 Important Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Windows 8.1 Base: 8.8 Rollup Remote for x64- Temporal: 7.7 4598275 Important Code 4592484 Unknown based Vector: Security Execution systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
4598285 Base: 8.8 Remote Windows RT Monthly Temporal: 7.7 Important Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 8.8 Rollup Remote for 32-bit Temporal: 7.7 4598287 Important Code 4592498 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Important Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
Windows 4598288 Server 2008 Monthly Base: 8.8 for x64- Rollup Remote Temporal: 7.7 based 4598287 Important Code 4592498 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 2
Windows Server 2008 4598288 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598287 Important Code 4592498 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 2 (Server Only Core installation)
Windows 4598279 Remote Server 2008 Monthly Important Code 4592471 Base: 8.8 Unknown R2 for x64- Rollup Execution Temporal: 7.7 based 4598289
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
Systems Security Vector: Service Pack Only CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598289 Important Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 8.8 Rollup Remote Windows Temporal: 7.7 4598297 Important Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
4598278 Monthly Windows Base: 8.8 Rollup Remote Server 2012 Temporal: 7.7 4598297 Important Code 4592468 Unknown (Server Core Vector: Security Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 8.8 Windows Rollup Remote Temporal: 7.7 Server 2012 4598275 Important Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
Windows 4598285 Base: 8.8 Server 2012 Remote Monthly Temporal: 7.7 R2 (Server Important Code 4592484 Unknown Rollup Vector: Core Execution 4598275 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1664
Only
CVE-2021-1665 - GDI+ Remote Code Execution Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: GDI+ Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021-1665 Mitigations: MITRE None Critical Remote Code Execution NVD Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1665
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Remote Version 20H2 Security Temporal: 6.8 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Remote Version 20H2 Security Temporal: 6.8 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
Windows 10 4598242 Base: 7.8 Version 20H2 Remote Security Temporal: 6.8 for ARM64- Critical Code 4592438 Unknown Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Remote Security Temporal: 6.8 version 20H2 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Remote Version 1803 Security Temporal: 6.8 Critical Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Remote Version 1803 Security Temporal: 6.8 Critical Code 4592446 Yes for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
Windows 10 4598245 Base: 7.8 Version 1803 Remote Security Temporal: 6.8 for ARM64- Critical Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Remote Version 1809 Security Temporal: 6.8 Critical Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Remote Version 1809 Security Temporal: 6.8 Critical Code 4592440 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Remote Security Temporal: 6.8 for ARM64- Critical Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
4598230 Base: 7.8 Remote Windows Security Temporal: 6.8 Critical Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Remote Server 2019 Security Temporal: 6.8 Critical Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Remote Version 1909 Security Temporal: 6.8 Critical Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Remote Version 1909 Security Temporal: 6.8 Critical Code 4592449 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
Windows 10 4598229 Base: 7.8 Version 1909 Remote Security Temporal: 6.8 for ARM64- Critical Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Remote Security Temporal: 6.8 version 1909 Critical Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Remote Version 2004 Security Temporal: 6.8 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Remote Windows 10 Security Temporal: 6.8 Critical Code 4592438 Unknown Version 2004 Update Vector: Execution for ARM64- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665 based Systems
Windows 10 4598242 Base: 7.8 Remote Version 2004 Security Temporal: 6.8 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Remote Security Temporal: 6.8 version 2004 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Remote Security Temporal: 6.8 for 32-bit Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
4598231 Base: 7.8 Windows 10 Remote Security Temporal: 6.8 for x64-based Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Remote Version 1607 Security Temporal: 6.8 Critical Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Remote Version 1607 Security Temporal: 6.8 Critical Code 4593226 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Remote Windows Security Temporal: 6.8 Critical Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
Windows 4598243 Base: 7.8 Remote Server 2016 Security Temporal: 6.8 Critical Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.8 for 32-bit Rollup Remote Temporal: 6.8 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Remote Temporal: 6.8 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Remote Temporal: 6.8 for 32-bit 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Remote Temporal: 6.8 for x64-based 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Remote Windows RT Monthly Temporal: 6.8 Critical Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Remote for 32-bit Temporal: 6.8 4598287 Critical Code 4592498 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Remote Systems Temporal: 6.8 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 7.8 Monthly Remote Server 2008 Temporal: 6.8 Rollup Critical Code 4592498 Unknown for x64-based Vector: 4598287 Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.8 Rollup Remote Systems Temporal: 6.8 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Remote Temporal: 6.8 based 4598289 Critical Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Remote Temporal: 6.8 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.8 Rollup Remote Windows Temporal: 6.8 4598297 Critical Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Remote Windows Monthly Critical Code 4592468 Base: 7.8 Unknown Server 2012 Rollup Execution Temporal: 6.8 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1665
(Server Core Security Vector: installation) Only CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows Rollup Remote Temporal: 6.8 Server 2012 4598275 Critical Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Remote Temporal: 6.8 R2 (Server 4598275 Critical Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1666 Remote Code None Critical MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1666
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 20H2 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666 based Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 20H2 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
4598230 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 8.8 Remote Server 2019 Security Temporal: 7.7 Critical Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 8.8 Server, Remote Security Temporal: 7.7 version 1909 Critical Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 2004 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666 based Systems
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 2004 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for 32-bit Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for x64-based Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
Windows 4598243 Base: 8.8 Remote Server 2016 Security Temporal: 7.7 Critical Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 8.8 for 32-bit Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 8.8 for x64-based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for 32-bit 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for x64-based 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 8.8 Remote Windows RT Monthly Temporal: 7.7 Critical Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
4598288 Windows Monthly Server 2008 Base: 8.8 Rollup Remote for 32-bit Temporal: 7.7 4598287 Critical Code 4592498 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 8.8 Monthly Remote Server 2008 Temporal: 7.7 Rollup Critical Code 4592498 Unknown for x64-based Vector: 4598287 Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 8.8 R2 for x64- Rollup Remote Temporal: 7.7 based 4598289 Critical Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
Windows Server 2008 4598279 R2 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 8.8 Rollup Remote Windows Temporal: 7.7 4598297 Critical Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Remote Windows Monthly Critical Code 4592468 Base: 8.8 Unknown Server 2012 Rollup Execution Temporal: 7.7 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1666
(Server Core Security Vector: installation) Only CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 8.8 Windows Rollup Remote Temporal: 7.7 Server 2012 4598275 Critical Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 8.8 Server 2012 Rollup Remote Temporal: 7.7 R2 (Server 4598275 Critical Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1667 Remote Code None Critical MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1667
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 20H2 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667 based Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 20H2 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
4598230 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 8.8 Remote Server 2019 Security Temporal: 7.7 Critical Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 8.8 Server, Remote Security Temporal: 7.7 version 1909 Critical Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 2004 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667 based Systems
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 2004 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for 32-bit Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for x64-based Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
Windows 4598243 Base: 8.8 Remote Server 2016 Security Temporal: 7.7 Critical Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 8.8 for 32-bit Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 8.8 for x64-based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for 32-bit 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for x64-based 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 8.8 Remote Windows RT Monthly Temporal: 7.7 Critical Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
4598288 Windows Monthly Server 2008 Base: 8.8 Rollup Remote for 32-bit Temporal: 7.7 4598287 Critical Code 4592498 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 8.8 Monthly Remote Server 2008 Temporal: 7.7 Rollup Critical Code 4592498 Unknown for x64-based Vector: 4598287 Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 8.8 R2 for x64- Rollup Remote Temporal: 7.7 based 4598289 Critical Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
Windows Server 2008 4598279 R2 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 8.8 Rollup Remote Windows Temporal: 7.7 4598297 Critical Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Remote Windows Monthly Critical Code 4592468 Base: 8.8 Unknown Server 2012 Rollup Execution Temporal: 7.7 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1667
(Server Core Security Vector: installation) Only CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 8.8 Windows Rollup Remote Temporal: 7.7 Server 2012 4598275 Critical Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 8.8 Server 2012 Rollup Remote Temporal: 7.7 R2 (Server 4598275 Critical Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668 - Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1668 Remote Code None Critical MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1668
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Remote Version 20H2 Security Temporal: 6.8 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Remote Version 20H2 Security Temporal: 6.8 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Remote Windows 10 Security Temporal: 6.8 Critical Code 4592438 Unknown Version 20H2 Update Vector: Execution for ARM64- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668 based Systems
Windows 4598242 Base: 7.8 Server, Remote Security Temporal: 6.8 version 20H2 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Remote Version 1803 Security Temporal: 6.8 Critical Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Remote Version 1803 Security Temporal: 6.8 Critical Code 4592446 Yes for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668
Windows 10 4598245 Base: 7.8 Version 1803 Remote Security Temporal: 6.8 for ARM64- Critical Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Remote Version 1809 Security Temporal: 6.8 Critical Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Remote Version 1809 Security Temporal: 6.8 Critical Code 4592440 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Remote Security Temporal: 6.8 for ARM64- Critical Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668
4598230 Base: 7.8 Remote Windows Security Temporal: 6.8 Critical Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Remote Server 2019 Security Temporal: 6.8 Critical Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Remote Version 1909 Security Temporal: 6.8 Critical Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Remote Version 1909 Security Temporal: 6.8 Critical Code 4592449 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668
Windows 10 4598229 Base: 7.8 Version 1909 Remote Security Temporal: 6.8 for ARM64- Critical Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Remote Security Temporal: 6.8 version 1909 Critical Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Remote Version 2004 Security Temporal: 6.8 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Remote Windows 10 Security Temporal: 6.8 Critical Code 4592438 Unknown Version 2004 Update Vector: Execution for ARM64- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668 based Systems
Windows 10 4598242 Base: 7.8 Remote Version 2004 Security Temporal: 6.8 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Remote Security Temporal: 6.8 version 2004 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Remote Security Temporal: 6.8 for 32-bit Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668
4598231 Base: 7.8 Windows 10 Remote Security Temporal: 6.8 for x64-based Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Remote Version 1607 Security Temporal: 6.8 Critical Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Remote Version 1607 Security Temporal: 6.8 Critical Code 4593226 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Remote Windows Security Temporal: 6.8 Critical Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668
Windows 4598243 Base: 7.8 Remote Server 2016 Security Temporal: 6.8 Critical Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.8 for 32-bit Rollup Remote Temporal: 6.8 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Remote Temporal: 6.8 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Remote Temporal: 6.8 for 32-bit 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Remote Temporal: 6.8 for x64-based 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Remote Windows RT Monthly Temporal: 6.8 Critical Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Remote Temporal: 6.8 based 4598289 Critical Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Remote Temporal: 6.8 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Remote Windows Monthly Critical Code 4592468 Base: 7.8 Unknown Server 2012 Rollup Execution Temporal: 6.8 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668
Security Vector: Only CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598278 Monthly Windows Base: 7.8 Rollup Remote Server 2012 Temporal: 6.8 4598297 Critical Code 4592468 Unknown (Server Core Vector: Security Execution installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows Rollup Remote Temporal: 6.8 Server 2012 4598275 Critical Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1668
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Remote Temporal: 6.8 R2 (Server 4598275 Critical Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
CVE-2021-1669 - Windows Remote Desktop Security Feature Bypass Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE-2021- 1669 CVE Title: Windows Remote Desktop Security Feature Bypass Security Feature Important MITRE Vulnerability Bypass NVD Description:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
FAQ:
How do I get the update for Microsoft Remote Desktop for Android?
1. Tap the Google Play icon on your home screen.
2. Swipe in from the left edge of the screen.
3. Tap My apps & games.
4. Tap the Update box next to the Remote Desktop app.
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1669
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 8.8 Version Security Security Temporal: 7.7 20H2 for Important Feature 4592438 Unknown Update Vector: x64-based Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 8.8 Security Version Security Temporal: 7.7 Important Feature 4592438 Unknown 20H2 for 32- Update Vector: Bypass bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Security 4598242 Base: 8.8 Version Important Feature 4592438 Unknown Security Temporal: 7.7 20H2 for Bypass
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1669
ARM64- Update Vector: based CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 8.8 Server, Security Security Temporal: 7.7 version 20H2 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 8.8 Security Version 1803 Security Temporal: 7.7 Important Feature 4592446 Yes for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Security Version 1803 Security Temporal: 7.7 Important Feature 4592446 Yes for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1669
Windows 10 4598245 Base: 8.8 Version 1803 Security Security Temporal: 7.7 for ARM64- Important Feature 4592446 Yes Update Vector: based Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Security Version 1809 Security Temporal: 7.7 Important Feature 4592440 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Security Version 1809 Security Temporal: 7.7 Important Feature 4592440 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Security Security Temporal: 7.7 for ARM64- Important Feature 4592440 Unknown Update Vector: based Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1669
4598230 Base: 8.8 Security Windows Security Temporal: 7.7 Important Feature 4592440 Unknown Server 2019 Update Vector: Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Security Version 1909 Security Temporal: 7.7 Important Feature 4592449 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Security Version 1909 Security Temporal: 7.7 Important Feature 4592449 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Version 1909 Security Security Temporal: 7.7 for ARM64- Important Feature 4592449 Unknown Update Vector: based Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1669
Windows 4598229 Base: 8.8 Server, Security Security Temporal: 7.7 version 1909 Important Feature 4592449 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Security Version 2004 Security Temporal: 7.7 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Version 2004 Security Security Temporal: 7.7 for ARM64- Important Feature 4592438 Unknown Update Vector: based Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 8.8 Security Version 2004 Security Temporal: 7.7 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1669
Windows 4598242 Base: 8.8 Server, Security Security Temporal: 7.7 version 2004 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 8.8 Windows 10 Security Security Temporal: 7.7 for 32-bit Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 8.8 Windows 10 Security Security Temporal: 7.7 for x64-based Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Security Version 1607 Security Temporal: 7.7 Important Feature 4593226 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1669
Windows 10 4598243 Base: 8.8 Security Version 1607 Security Temporal: 7.7 Important Feature 4593226 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 8.8 Security Windows Security Temporal: 7.7 Important Feature 4593226 Unknown Server 2016 Update Vector: Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 8.8 Security Server 2016 Security Temporal: 7.7 Important Feature 4593226 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Release Microsoft Base: 8.8 Notes Security Remote Temporal: 7.7 Security Important Feature 4593226 Maybe Desktop for Vector: Update Bypass Android CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1669
Remote Release Base: 8.8 Desktop Notes Security Temporal: 7.7 client for Security Important Feature 4593226 Maybe Vector: Windows Update Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Desktop
Release Base: 8.8 Microsoft Notes Security Temporal: 7.7 Remote Security Important Feature 4593226 Maybe Vector: Desktop Update Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1670 - Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability Description:
FAQ:
CVE- What type of information could be disclosed by this vulnerability? 2021-1670 Information The type of information that could be disclosed if an attacker successfully exploited this Important MITRE Disclosure vulnerability is memory layout - the vulnerability allows an attacker to collect information that NVD facilitates predicting addressing of the memory.
Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1670
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
4598242 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4592438 Unknown 10 Version Update Disclosure Vector: 20H2 for CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1670 x64-based Systems
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 5.5 20H2 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 Server, Security Information Temporal: 4.8 Important 4592438 Unknown version Update Disclosure Vector: 20H2 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C (Server
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1670
Core Installation)
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592438 Unknown 2004 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 5.5 2004 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 2004 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1670
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 2004 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
CVE-2021-1671 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE-2021- CVE Title: Remote Procedure Call Runtime Remote Code Execution 1671 Vulnerability Remote Code Important MITRE Description: Execution NVD FAQ:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
None Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1671
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
Windows 10 4598242 Base: 8.8 Version Remote Security Temporal: 7.7 20H2 for Important Code 4592438 Unknown Update Vector: x64-based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 8.8 Remote Version Security Temporal: 7.7 Important Code 4592438 Unknown 20H2 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 8.8 Remote 20H2 for Security Temporal: 7.7 Important Code 4592438 Unknown ARM64- Update Vector: Execution based CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows Remote 4598242 Base: 8.8 Server, Important Code 4592438 Unknown Security Temporal: 7.7 version 20H2 Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
(Server Core Update Vector: Installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Important Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for x64- Important Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for ARM64- Important Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Important Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for x64- Important Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for ARM64- Important Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 8.8 Remote Windows Security Temporal: 7.7 Important Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
Windows 4598230 Base: 8.8 Remote Server 2019 Security Temporal: 7.7 Important Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Important Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for x64- Important Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for ARM64- Important Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
Windows 4598229 Base: 8.8 Server, Remote Security Temporal: 7.7 version 1909 Important Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Important Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Version 2004 Remote Security Temporal: 7.7 for ARM64- Important Code 4592438 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Important Code 4592438 Unknown Version 2004 Update Vector: Execution for x64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671 based Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 2004 Important Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for 32-bit Important Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598231 Base: 8.8 Remote for x64- Security Temporal: 7.7 Important Code 4592464 Yes based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Important Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Version 1607 Remote Security Temporal: 7.7 for x64- Important Code 4593226 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598243 Base: 8.8 Remote Windows Security Temporal: 7.7 Important Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 8.8 Remote Server 2016 Security Temporal: 7.7 Important Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
4598279 Windows 7 Monthly Base: 8.8 for 32-bit Rollup Remote Temporal: 7.7 Systems 4598289 Important Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly for x64- Base: 8.8 Rollup Remote based Temporal: 7.7 4598289 Important Code 4592471 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 1
4598285 Base: 8.8 Windows 8.1 Remote Monthly Temporal: 7.7 for 32-bit Important Code 4592484 Unknown Rollup Vector: systems Execution 4598275 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
Only
4598285 Monthly Windows 8.1 Base: 8.8 Rollup Remote for x64- Temporal: 7.7 4598275 Important Code 4592484 Unknown based Vector: Security Execution systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 8.8 Remote Windows RT Monthly Temporal: 7.7 Important Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Base: 8.8 Monthly Remote Server 2008 Temporal: 7.7 Rollup Important Code 4592498 Unknown for 32-bit Vector: 4598287 Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Important Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598288 Server 2008 Monthly Base: 8.8 for x64- Rollup Remote Temporal: 7.7 based 4598287 Important Code 4592498 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 2
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
Windows Server 2008 4598288 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598287 Important Code 4592498 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 2 (Server Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 8.8 R2 for x64- Rollup Remote Temporal: 7.7 based 4598289 Important Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows 4598279 Remote Server 2008 Monthly Important Code 4592471 Base: 8.8 Unknown R2 for x64- Rollup Execution Temporal: 7.7 based 4598289
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
Systems Security Vector: Service Pack Only CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Core installation)
4598278 Monthly Base: 8.8 Rollup Remote Windows Temporal: 7.7 4598297 Important Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 8.8 Rollup Remote Server 2012 Temporal: 7.7 4598297 Important Code 4592468 Unknown (Server Core Vector: Security Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1671
4598285 Monthly Base: 8.8 Windows Rollup Remote Temporal: 7.7 Server 2012 4598275 Important Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 8.8 Server 2012 Rollup Remote Temporal: 7.7 R2 (Server 4598275 Important Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1672 - Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability Description:
FAQ:
CVE- What type of information could be disclosed by this vulnerability? 2021-1672 Information The type of information that could be disclosed if an attacker successfully exploited this Important MITRE Disclosure vulnerability is memory layout - the vulnerability allows an attacker to collect information that NVD facilitates predicting addressing of the memory.
Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1672
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
4598242 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4592438 Unknown 10 Version Update Disclosure Vector: 20H2 for CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1672 x64-based Systems
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 5.5 20H2 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 Server, Security Information Temporal: 4.8 Important 4592438 Unknown version Update Disclosure Vector: 20H2 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C (Server
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1672
Core Installation)
Windows 4598245 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592446 Yes 1803 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598245 Base: 5.5 10 Version Security Information Temporal: 4.8 1803 for Important 4592446 Yes Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598245 Base: 5.5 1803 for Security Information Temporal: 4.8 Important 4592446 Yes ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1672
Windows 4598230 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592440 Unknown 1809 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.5 10 Version Security Information Temporal: 4.8 1809 for Important 4592440 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598230 Base: 5.5 1809 for Security Information Temporal: 4.8 Important 4592440 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Information 4598230 Important 4592440 Base: 5.5 Unknown Server 2019 Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1672
Update Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.5 Server 2019 Security Information Temporal: 4.8 (Server Important 4592440 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
Windows 4598229 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592449 Unknown 1909 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598229 Base: 5.5 10 Version Security Information Temporal: 4.8 1909 for Important 4592449 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1672
Windows 10 Version 4598229 Base: 5.5 1909 for Security Information Temporal: 4.8 Important 4592449 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598229 Base: 5.5 version Security Information Temporal: 4.8 1909 Important 4592449 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592438 Unknown 2004 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1672
Windows 10 Version 4598242 Base: 5.5 2004 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 2004 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 2004 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1673 Remote Code None Critical MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1673
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Remote Version 20H2 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 20H2 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673 based Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 20H2 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Critical Code 4592446 Yes for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Critical Code 4592440 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
4598230 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 8.8 Remote Server 2019 Security Temporal: 7.7 Critical Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Critical Code 4592449 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for ARM64- Critical Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 8.8 Server, Remote Security Temporal: 7.7 version 1909 Critical Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Critical Code 4592438 Unknown Version 2004 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673 based Systems
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Critical Code 4592438 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 2004 Critical Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for 32-bit Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for x64-based Critical Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Critical Code 4593226 Unknown for x64-based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 8.8 Remote Windows Security Temporal: 7.7 Critical Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
Windows 4598243 Base: 8.8 Remote Server 2016 Security Temporal: 7.7 Critical Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 8.8 for 32-bit Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 8.8 for x64-based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for 32-bit 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for x64-based 4598275 Critical Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 8.8 Remote Windows RT Monthly Temporal: 7.7 Critical Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
4598288 Windows Monthly Server 2008 Base: 8.8 Rollup Remote for 32-bit Temporal: 7.7 4598287 Critical Code 4592498 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 8.8 Monthly Remote Server 2008 Temporal: 7.7 Rollup Critical Code 4592498 Unknown for x64-based Vector: 4598287 Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Critical Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 8.8 R2 for x64- Rollup Remote Temporal: 7.7 based 4598289 Critical Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
Windows Server 2008 4598279 R2 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598289 Critical Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 8.8 Rollup Remote Windows Temporal: 7.7 4598297 Critical Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Remote Windows Monthly Critical Code 4592468 Base: 8.8 Unknown Server 2012 Rollup Execution Temporal: 7.7 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1673
(Server Core Security Vector: installation) Only CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 8.8 Windows Rollup Remote Temporal: 7.7 Server 2012 4598275 Critical Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 8.8 Server 2012 Rollup Remote Temporal: 7.7 R2 (Server 4598275 Critical Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674 - Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1674 Security Feature None Important MITRE Bypass Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1674
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 8.8 Security Version 20H2 Security Temporal: 7.7 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Security Version 20H2 Security Temporal: 7.7 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Security Version 20H2 Security Temporal: 7.7 Important Feature 4592438 Unknown for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
Windows 4598242 Base: 8.8 Server, Security Security Temporal: 7.7 version 20H2 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 8.8 Security Version 1803 Security Temporal: 7.7 Important Feature 4592446 Yes for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Security Version 1803 Security Temporal: 7.7 Important Feature 4592446 Yes for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Security Version 1803 Security Temporal: 7.7 Important Feature 4592446 Yes for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
Windows 10 4598230 Base: 8.8 Security Version 1809 Security Temporal: 7.7 Important Feature 4592440 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Security Version 1809 Security Temporal: 7.7 Important Feature 4592440 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Security Version 1809 Security Temporal: 7.7 Important Feature 4592440 Unknown for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598230 Base: 8.8 Security Windows Security Temporal: 7.7 Important Feature 4592440 Unknown Server 2019 Update Vector: Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
Windows 4598230 Base: 8.8 Security Server 2019 Security Temporal: 7.7 Important Feature 4592440 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Security Version 1909 Security Temporal: 7.7 Important Feature 4592449 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Security Version 1909 Security Temporal: 7.7 Important Feature 4592449 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Security Version 1909 Security Temporal: 7.7 Important Feature 4592449 Unknown for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
Windows 4598229 Base: 8.8 Server, Security Security Temporal: 7.7 version 1909 Important Feature 4592449 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Security Version 2004 Security Temporal: 7.7 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Security Version 2004 Security Temporal: 7.7 Important Feature 4592438 Unknown for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Security Version 2004 Security Temporal: 7.7 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
Windows 4598242 Base: 8.8 Server, Security Security Temporal: 7.7 version 2004 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 8.8 Windows 10 Security Security Temporal: 7.7 for 32-bit Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 8.8 Windows 10 Security Security Temporal: 7.7 for x64-based Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Security Version 1607 Security Temporal: 7.7 Important Feature 4593226 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
Windows 10 4598243 Base: 8.8 Security Version 1607 Security Temporal: 7.7 Important Feature 4593226 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 8.8 Security Windows Security Temporal: 7.7 Important Feature 4593226 Unknown Server 2016 Update Vector: Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 8.8 Security Server 2016 Security Temporal: 7.7 Important Feature 4593226 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 7 4598279 Base: 8.8 for 32-bit Security Monthly Temporal: 7.7 Systems Important Feature 4592471 Unknown Rollup Vector: Service Pack Bypass 4598289 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
Only
4598279 Windows 7 Monthly Base: 8.8 for x64-based Rollup Security Temporal: 7.7 Systems 4598289 Important Feature 4592471 Unknown Vector: Service Pack Security Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Security Temporal: 7.7 for 32-bit 4598275 Important Feature 4592484 Unknown Vector: systems Security Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Security Temporal: 7.7 for x64-based 4598275 Important Feature 4592484 Unknown Vector: systems Security Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 8.8 Security Windows RT Monthly Temporal: 7.7 Important Feature 4592484 Unknown 8.1 Rollup Vector: Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows Monthly Server 2008 Base: 8.8 Rollup Security R2 for x64- Temporal: 7.7 4598289 Important Feature 4592471 Unknown based Systems Vector: Security Bypass Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
Windows 4598279 Server 2008 Monthly Base: 8.8 R2 for x64- Rollup Security Temporal: 7.7 based Systems 4598289 Important Feature 4592471 Unknown Vector: Service Pack Security Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Core Only installation)
4598278 Monthly Base: 8.8 Rollup Security Windows Temporal: 7.7 4598297 Important Feature 4592468 Unknown Server 2012 Vector: Security Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
Windows 4598278 Base: 8.8 Security Server 2012 Monthly Temporal: 7.7 Important Feature 4592468 Unknown (Server Core Rollup Vector: Bypass installation) 4598297 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1674
Only
4598285 Monthly Base: 8.8 Windows Rollup Security Temporal: 7.7 Server 2012 4598275 Important Feature 4592484 Unknown Vector: R2 Security Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 8.8 Server 2012 Rollup Security Temporal: 7.7 R2 (Server 4598275 Important Feature 4592484 Unknown Vector: Core Security Bypass CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676 - Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability Description:
FAQ:
CVE- What type of information could be disclosed by this vulnerability? 2021-1676 Information The type of information that could be disclosed if an attacker successfully exploited this Important MITRE Disclosure vulnerability is memory layout - the vulnerability allows an attacker to collect information that NVD facilitates predicting addressing of the memory.
Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1676
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
4598242 Base: 5.5 Windows 10 Security Information Temporal: 4.8 Important 4592438 Unknown Version Update Disclosure Vector: 20H2 for CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676 x64-based Systems
Windows 10 4598242 Base: 5.5 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 5.5 20H2 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 Server, Security Information Temporal: 4.8 Important 4592438 Unknown version Update Disclosure Vector: 20H2 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C (Server
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
Core Installation)
Windows 10 4598245 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592446 Yes 1803 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598245 Base: 5.5 Version Security Information Temporal: 4.8 1803 for Important 4592446 Yes Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598245 Base: 5.5 1803 for Security Information Temporal: 4.8 Important 4592446 Yes ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
Windows 10 4598230 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592440 Unknown 1809 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598230 Base: 5.5 Version Security Information Temporal: 4.8 1809 for Important 4592440 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598230 Base: 5.5 1809 for Security Information Temporal: 4.8 Important 4592440 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Information 4598230 Important 4592440 Base: 5.5 Unknown Server 2019 Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
Update Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.5 Server 2019 Security Information Temporal: 4.8 (Server Important 4592440 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
Windows 10 4598229 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592449 Unknown 1909 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Base: 5.5 Version Security Information Temporal: 4.8 1909 for Important 4592449 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
Windows 10 Version 4598229 Base: 5.5 1909 for Security Information Temporal: 4.8 Important 4592449 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598229 Base: 5.5 version Security Information Temporal: 4.8 1909 Important 4592449 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
Windows 10 4598242 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592438 Unknown 2004 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
Windows 10 Version 4598242 Base: 5.5 2004 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 5.5 Version Security Information Temporal: 4.8 2004 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 2004 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
4598231 Base: 5.5 Windows 10 Security Information Temporal: 4.8 for 32-bit Important 4592464 Yes Update Disclosure Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598231 Base: 5.5 for x64- Security Information Temporal: 4.8 Important 4592464 Yes based Update Disclosure Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Base: 5.5 Version Security Information Temporal: 4.8 Important 4593226 Unknown 1607 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Base: 5.5 Version Security Information Temporal: 4.8 1607 for Important 4593226 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
4598243 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4593226 Unknown Server 2016 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5.5 Server 2016 Security Information Temporal: 4.8 (Server Important 4593226 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
4598279 Windows 7 Monthly Base: 5.5 for 32-bit Rollup Information Temporal: 4.8 Systems 4598289 Important 4592471 Unknown Disclosure Vector: Service Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Pack 1 Only
Information Windows 7 4598279 Important 4592471 Base: 5.5 Unknown for x64- Monthly Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676 based Rollup Vector: Systems 4598289 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Service Security Pack 1 Only
4598285 Monthly Base: 5.5 Windows Rollup Information Temporal: 4.8 8.1 for 32- 4598275 Important 4592484 Unknown Disclosure Vector: bit systems Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Monthly Windows Base: 5.5 Rollup 8.1 for x64- Information Temporal: 4.8 4598275 Important 4592484 Unknown based Disclosure Vector: Security systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
4598285 Base: 5.5 Windows Monthly Information Temporal: 4.8 Important 4592484 Unknown RT 8.1 Rollup Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 5.5 Rollup for 32-bit Information Temporal: 4.8 4598287 Important 4592498 Unknown Systems Disclosure Vector: Security Service CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only Pack 2
Windows 4598288 Monthly Server 2008 Base: 5.5 Rollup for 32-bit Information Temporal: 4.8 4598287 Important 4592498 Unknown Systems Disclosure Vector: Security Service CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Pack 2 Only (Server
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
Core installation)
Windows 4598288 Server 2008 Monthly Base: 5.5 for x64- Rollup Information Temporal: 4.8 based 4598287 Important 4592498 Unknown Disclosure Vector: Systems Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Service Only Pack 2
Windows Server 2008 4598288 for x64- Monthly based Base: 5.5 Rollup Systems Information Temporal: 4.8 4598287 Important 4592498 Unknown Service Disclosure Vector: Security Pack 2 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only (Server
Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
Windows 4598279 Server 2008 Monthly Base: 5.5 R2 for x64- Rollup Information Temporal: 4.8 based 4598289 Important 4592471 Unknown Disclosure Vector: Systems Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Service Only Pack 1
Windows Server 2008 4598279 R2 for x64- Monthly based Base: 5.5 Rollup Systems Information Temporal: 4.8 4598289 Important 4592471 Unknown Service Disclosure Vector: Security Pack 1 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only (Server
Core installation)
4598278 Windows Information Base: 5.5 Monthly Important 4592468 Unknown Server 2012 Disclosure Temporal: 4.8 Rollup
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
4598297 Vector: Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598278 Windows Monthly Base: 5.5 Server 2012 Rollup Information Temporal: 4.8 (Server 4598297 Important 4592468 Unknown Disclosure Vector: Core Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
4598285 Monthly Base: 5.5 Windows Rollup Information Temporal: 4.8 Server 2012 4598275 Important 4592484 Unknown Disclosure Vector: R2 Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1676
4598285 Windows Monthly Base: 5.5 Server 2012 Rollup Information Temporal: 4.8 R2 (Server 4598275 Important 4592484 Unknown Disclosure Vector: Core Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
CVE-2021-1677 - Azure Active Directory Pod Identity Spoofing Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
CVE- CVE Title: Azure Active Directory Pod Identity Spoofing Vulnerability 2021- Description: 1677 Important Spoofing MITRE FAQ: NVD What can an attacker do with this vulnerability?
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
The AAD pod identity enables users to assign identities to pods in Kubernetes clusters and fetch them from the pods using a regular IMDS (Azure Instance Metadata Service) request. When an identity is assigned to a pod, the pod can access to the IMDS endpoint and get a token of that identity. An attacker who successfully exploited this vulnerability can laterally steal the identities that are associated with different pods.
How do I know if I need to install the update?
Customers with existing installation need to re-deploy their cluster and use Azure CNI instead of the default kubernet.
For more information, please see details here:
Configure Azure CNI networking in Azure Kubernetes Service (AKS)
Deploy AAD Pod Identity in a Cluster with Kubenet
New installations will already have the update installed.
Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Impact Rating
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1677
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Release Microsoft Base: 5.5 Notes Important Spoofing Maybe Azure Temporal: 4.8 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1677
Kubernetes Update Vector: Service CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2021-1678 - NTLM Security Feature Bypass Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: NTLM Security Feature Bypass Vulnerability Description:
FAQ: None CVE-2021-1678 Mitigations: MITRE None Important Security Feature Bypass NVD Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1678
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 4.3 Security Version 20H2 Security Temporal: 3.8 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598242 Base: 4.3 Security Version 20H2 Security Temporal: 3.8 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
Windows 10 4598242 Base: 4.3 Security Version 20H2 Security Temporal: 3.8 Important Feature 4592438 Unknown for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 4598242 Base: 4.3 Server, Security Security Temporal: 3.8 version 20H2 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 4.3 Security Version 1803 Security Temporal: 3.8 Important Feature 4592446 Yes for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598245 Base: 4.3 Security Version 1803 Security Temporal: 3.8 Important Feature 4592446 Yes for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
Windows 10 4598245 Base: 4.3 Security Version 1803 Security Temporal: 3.8 Important Feature 4592446 Yes for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598230 Base: 4.3 Security Version 1809 Security Temporal: 3.8 Important Feature 4592440 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598230 Base: 4.3 Security Version 1809 Security Temporal: 3.8 Important Feature 4592440 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598230 Base: 4.3 Security Version 1809 Security Temporal: 3.8 Important Feature 4592440 Unknown for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
4598230 Base: 4.3 Security Windows Security Temporal: 3.8 Important Feature 4592440 Unknown Server 2019 Update Vector: Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 4.3 Security Server 2019 Security Temporal: 3.8 Important Feature 4592440 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Base: 4.3 Security Version 1909 Security Temporal: 3.8 Important Feature 4592449 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Base: 4.3 Security Version 1909 Security Temporal: 3.8 Important Feature 4592449 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
Windows 10 4598229 Base: 4.3 Security Version 1909 Security Temporal: 3.8 Important Feature 4592449 Unknown for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 4598229 Base: 4.3 Server, Security Security Temporal: 3.8 version 1909 Important Feature 4592449 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 4.3 Security Version 2004 Security Temporal: 3.8 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598242 Base: 4.3 Security Version 2004 Security Temporal: 3.8 Important Feature 4592438 Unknown for ARM64- Update Vector: Bypass based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
Windows 10 4598242 Base: 4.3 Security Version 2004 Security Temporal: 3.8 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 4598242 Base: 4.3 Server, Security Security Temporal: 3.8 version 2004 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C installation)
4598231 Base: 4.3 Windows 10 Security Security Temporal: 3.8 for 32-bit Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
4598231 Base: 4.3 Windows 10 Security Security Temporal: 3.8 for x64-based Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
Windows 10 4598243 Base: 4.3 Security Version 1607 Security Temporal: 3.8 Important Feature 4593226 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Base: 4.3 Security Version 1607 Security Temporal: 3.8 Important Feature 4593226 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
4598243 Base: 4.3 Security Windows Security Temporal: 3.8 Important Feature 4593226 Unknown Server 2016 Update Vector: Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 4.3 Security Server 2016 Security Temporal: 3.8 Important Feature 4593226 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
4598279 Monthly Windows 7 Base: 4.3 Rollup Security for 32-bit Temporal: 3.8 4598289 Important Feature 4592471 Unknown Systems Vector: Security Bypass Service Pack 1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Only
4598279 Monthly Windows 7 Base: 4.3 Rollup Security for x64-based Temporal: 3.8 4598289 Important Feature 4592471 Unknown Systems Vector: Security Bypass Service Pack 1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Base: 4.3 Windows 8.1 Security Monthly Temporal: 3.8 for 32-bit Important Feature 4592484 Unknown Rollup Vector: systems Bypass 4598275 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
Only
4598285 Monthly Base: 4.3 Windows 8.1 Rollup Security Temporal: 3.8 for x64-based 4598275 Important Feature 4592484 Unknown Vector: systems Security Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Base: 4.3 Security Windows RT Monthly Temporal: 3.8 Important Feature 4592484 Unknown 8.1 Rollup Vector: Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Windows 4598288 Base: 4.3 Server 2008 Security Monthly Temporal: 3.8 for 32-bit Important Feature 4592498 Unknown Rollup Vector: Systems Bypass 4598287 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Service Pack 2 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
Only
Windows 4598288 Server 2008 Monthly Base: 4.3 for 32-bit Rollup Security Temporal: 3.8 Systems 4598287 Important Feature 4592498 Unknown Vector: Service Pack 2 Security Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C (Server Core Only installation)
4598288 Windows Monthly Base: 4.3 Server 2008 Rollup Security Temporal: 3.8 for x64-based 4598287 Important Feature 4592498 Unknown Vector: Systems Security Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Service Pack 2 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
Windows 4598288 Server 2008 Monthly Base: 4.3 for x64-based Rollup Security Temporal: 3.8 Systems 4598287 Important Feature 4592498 Unknown Vector: Service Pack 2 Security Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C (Server Core Only installation)
4598279 Windows Monthly Base: 4.3 Server 2008 Rollup Security Temporal: 3.8 R2 for x64- 4598289 Important Feature 4592471 Unknown Vector: based Systems Security Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Service Pack 1 Only
Windows 4598279 Base: 4.3 Security Server 2008 Monthly Temporal: 3.8 Important Feature 4592471 Unknown R2 for x64- Rollup Vector: Bypass based Systems 4598289 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Service Pack 1 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
(Server Core Only installation)
4598278 Monthly Base: 4.3 Rollup Security Windows Temporal: 3.8 4598297 Important Feature 4592468 Unknown Server 2012 Vector: Security Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 4.3 Rollup Security Server 2012 Temporal: 3.8 4598297 Important Feature 4592468 Unknown (Server Core Vector: Security Bypass installation) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1678
4598285 Monthly Base: 4.3 Windows Rollup Security Temporal: 3.8 Server 2012 4598275 Important Feature 4592484 Unknown Vector: R2 Security Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 4.3 Server 2012 Rollup Security Temporal: 3.8 R2 (Server 4598275 Important Feature 4592484 Unknown Vector: Core Security Bypass CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679 - Windows CryptoAPI Denial of Service Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows CryptoAPI Denial of Service Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1679 None MITRE Important Denial of Service Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 6.5 Denial Version 20H2 Security Temporal: 5.7 Important of 4592438 Unknown for x64-based Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 6.5 Denial Version 20H2 Security Temporal: 5.7 Important of 4592438 Unknown for 32-bit Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 6.5 Denial Version 20H2 Security Temporal: 5.7 Important of 4592438 Unknown for ARM64- Update Vector: Service based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows Denial 4598242 Base: 6.5 Server, version Important of 4592438 Unknown Security Temporal: 5.7 20H2 (Server Service
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
Core Update Vector: Installation) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 6.5 Denial Version 1803 Security Temporal: 5.7 Important of 4592446 Yes for 32-bit Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 6.5 Denial Version 1803 Security Temporal: 5.7 Important of 4592446 Yes for x64-based Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 6.5 Denial Version 1803 Security Temporal: 5.7 Important of 4592446 Yes for ARM64- Update Vector: Service based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Denial Windows 10 4598230 Important of 4592440 Base: 6.5 Unknown Version 1809 Security Service Temporal: 5.7
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679 for 32-bit Update Vector: Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 6.5 Denial Version 1809 Security Temporal: 5.7 Important of 4592440 Unknown for x64-based Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 6.5 Denial Version 1809 Security Temporal: 5.7 Important of 4592440 Unknown for ARM64- Update Vector: Service based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
4598230 Base: 6.5 Denial Windows Security Temporal: 5.7 Important of 4592440 Unknown Server 2019 Update Vector: Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Denial Windows 4598230 Important of 4592440 Base: 6.5 Unknown Server 2019 Security Service Temporal: 5.7
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
(Server Core Update Vector: installation) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 6.5 Denial Version 1909 Security Temporal: 5.7 Important of 4592449 Unknown for 32-bit Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 6.5 Denial Version 1909 Security Temporal: 5.7 Important of 4592449 Unknown for x64-based Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 6.5 Denial Version 1909 Security Temporal: 5.7 Important of 4592449 Unknown for ARM64- Update Vector: Service based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows Denial 4598229 Base: 6.5 Server, version Important of 4592449 Unknown Security Temporal: 5.7 1909 (Server Service
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
Core Update Vector: installation) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 6.5 Denial Version 2004 Security Temporal: 5.7 Important of 4592438 Unknown for 32-bit Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 6.5 Denial Version 2004 Security Temporal: 5.7 Important of 4592438 Unknown for ARM64- Update Vector: Service based Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 6.5 Denial Version 2004 Security Temporal: 5.7 Important of 4592438 Unknown for x64-based Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows Denial 4598242 Base: 6.5 Server, version Important of 4592438 Unknown Security Temporal: 5.7 2004 (Server Service
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
Core Update Vector: installation) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
4598231 Base: 6.5 Windows 10 Denial Security Temporal: 5.7 for 32-bit Important of 4592464 Yes Update Vector: Systems Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
4598231 Base: 6.5 Windows 10 Denial Security Temporal: 5.7 for x64-based Important of 4592464 Yes Update Vector: Systems Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 6.5 Denial Version 1607 Security Temporal: 5.7 Important of 4593226 Unknown for 32-bit Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Denial Windows 10 4598243 Important of 4593226 Base: 6.5 Unknown Version 1607 Security Service Temporal: 5.7
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679 for x64-based Update Vector: Systems CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
4598243 Base: 6.5 Denial Windows Security Temporal: 5.7 Important of 4593226 Unknown Server 2016 Update Vector: Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 6.5 Denial Server 2016 Security Temporal: 5.7 Important of 4593226 Unknown (Server Core Update Vector: Service installation) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
4598279 Monthly Base: 6.5 Windows 7 for Rollup Denial Temporal: 5.7 32-bit Systems 4598289 Important of 4592471 Unknown Vector: Service Pack 1 Security Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
4598279 Monthly Windows 7 for Base: 6.5 Rollup Denial x64-based Temporal: 5.7 4598289 Important of 4592471 Unknown Systems Vector: Security Service Service Pack 1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 6.5 Windows 8.1 Rollup Denial Temporal: 5.7 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Only
4598285 Base: 6.5 Windows 8.1 Denial Monthly Temporal: 5.7 for x64-based Important of 4592484 Unknown Rollup Vector: systems Service 4598275 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
Only
4598285 Base: 6.5 Denial Windows RT Monthly Temporal: 5.7 Important of 4592484 Unknown 8.1 Rollup Vector: Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Base: 6.5 Server 2008 Rollup Denial Temporal: 5.7 for 32-bit 4598287 Important of 4592498 Unknown Vector: Systems Security Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Service Pack 2 Only
Windows 4598288 Base: 6.5 Denial Server 2008 Monthly Temporal: 5.7 Important of 4592498 Unknown for 32-bit Rollup Vector: Service Systems 4598287 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Service Pack 2 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
(Server Core Only installation)
4598288 Windows Monthly Base: 6.5 Server 2008 Rollup Denial Temporal: 5.7 for x64-based 4598287 Important of 4592498 Unknown Vector: Systems Security Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Service Pack 2 Only
Windows 4598288 Server 2008 Monthly Base: 6.5 for x64-based Rollup Denial Temporal: 5.7 Systems 4598287 Important of 4592498 Unknown Vector: Service Pack 2 Security Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C (Server Core Only installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
4598279 Windows Monthly Base: 6.5 Server 2008 Rollup Denial Temporal: 5.7 R2 for x64- 4598289 Important of 4592471 Unknown Vector: based Systems Security Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Service Pack 1 Only
Windows 4598279 Server 2008 Monthly Base: 6.5 R2 for x64- Rollup Denial Temporal: 5.7 based Systems 4598289 Important of 4592471 Unknown Vector: Service Pack 1 Security Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C (Server Core Only installation)
4598278 Base: 6.5 Denial Windows Monthly Temporal: 5.7 Important of 4592468 Unknown Server 2012 Rollup Vector: Service 4598297 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
Only
4598278 Monthly Windows Base: 6.5 Rollup Denial Server 2012 Temporal: 5.7 4598297 Important of 4592468 Unknown (Server Core Vector: Security Service installation) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 6.5 Windows Rollup Denial Temporal: 5.7 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1679
4598285 Windows Monthly Base: 6.5 Server 2012 Rollup Denial Temporal: 5.7 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Service CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C installation) Only
CVE-2021-1680 - Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE-2021- CVE Title: Diagnostics Hub Standard Collector Elevation of Privilege 1680 Vulnerability Elevation of Important MITRE Description: Privilege NVD FAQ:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
None Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1680
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1680
Windows 10 4598242 Base: 7.8 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version Security Temporal: 6.8 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7.8 Elevation 20H2 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows Elevation 4598242 Base: 7.8 Server, Important of 4592438 Unknown Security Temporal: 6.8 version 20H2 Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1680
(Server Core Update Vector: Installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1680
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1680
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1680
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1680
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1680
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Release Microsoft Base: 7.8 Notes Elevation Visual Studio Temporal: 6.8 Security Important of 4593226 Maybe 2019 version Vector: Update Privilege 16.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1680
Microsoft Release Visual Studio Base: 7.8 Notes Elevation 2017 version Temporal: 6.8 Security Important of 4593226 Maybe 15.9 Vector: Update Privilege (includes CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0 - 15.8)
Release Microsoft Base: 7.8 Notes Elevation Visual Studio Temporal: 6.8 Security Important of 4593226 Maybe 2019 version Vector: Update Privilege 16.0 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Release Visual Studio Base: 7.8 Notes Elevation 2019 version Temporal: 6.8 Security Important of 4593226 Maybe 16.4 Vector: Update Privilege (includes CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0 - 16.3)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1680
Microsoft Visual Studio Release Base: 7.8 2019 version Notes Elevation Temporal: 6.8 16.7 Security Important of 4593226 Maybe Vector: (includes Update Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0 – 16.6)
Microsoft 4584787 Base: 7.8 Elevation Visual Studio Security Temporal: 6.8 Important of 4576950 Maybe 2015 Update Update Vector: Privilege 3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1681 - Windows WalletService Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows WalletService Elevation of Privilege Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1681 None MITRE Important Elevation of Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1681
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: 32-bit Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 7.8 Elevation 20H2 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1681
Windows 4598245 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592446 Yes 1803 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598245 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1803 for Important of 4592446 Yes Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598245 Base: 7.8 Elevation 1803 for Security Temporal: 6.8 Important of 4592446 Yes ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Elevation Windows 4598230 Important of 4592440 Base: 7.8 Unknown 10 Version Security Privilege Temporal: 6.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1681
1809 for 32- Update Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1809 for Important of 4592440 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598230 Base: 7.8 Elevation 1809 for Security Temporal: 6.8 Important of 4592440 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592449 Unknown 1909 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1681
Windows 4598229 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1909 for Important of 4592449 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598229 Base: 7.8 Elevation 1909 for Security Temporal: 6.8 Important of 4592449 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592438 Unknown 2004 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Elevation 4598242 Base: 7.8 10 Version Important of 4592438 Unknown Security Temporal: 6.8 2004 for Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1681
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 2004 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598231 Base: 7.8 Windows Elevation Security Temporal: 6.8 10 for 32- Important of 4592464 Yes Update Vector: bit Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598231 Base: 7.8 Elevation 10 for x64- Security Temporal: 6.8 Important of 4592464 Yes based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1681
Windows 4598243 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4593226 Unknown 1607 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1607 for Important of 4593226 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
CVE-2021-1682 - Windows Kernel Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows Kernel Elevation of Privilege Vulnerability CVE-2021-1682 Description: MITRE Important Elevation of Privilege NVD FAQ: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1682
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1682
Windows 10 4598242 Base: 7 Version Elevation Security Temporal: 6.1 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7 Elevation Version Security Temporal: 6.1 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7 Elevation 20H2 for Security Temporal: 6.1 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows Elevation 4598242 Base: 7 Server, Important of 4592438 Unknown Security Temporal: 6.1 version 20H2 Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1682
(Server Core Update Vector: Installation) CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7 Elevation Version 1803 Security Temporal: 6.1 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7 Version 1803 Elevation Security Temporal: 6.1 for x64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598245 Base: 7 Version 1803 Elevation Security Temporal: 6.1 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1682
Windows 10 4598230 Base: 7 Elevation Version 1809 Security Temporal: 6.1 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7 Version 1809 Elevation Security Temporal: 6.1 for x64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7 Version 1809 Elevation Security Temporal: 6.1 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7 Elevation Windows Security Temporal: 6.1 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1682
Windows 4598230 Base: 7 Elevation Server 2019 Security Temporal: 6.1 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7 Elevation Version 1909 Security Temporal: 6.1 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7 Version 1909 Elevation Security Temporal: 6.1 for x64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598229 Base: 7 Version 1909 Elevation Security Temporal: 6.1 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1682
Windows 4598229 Base: 7 Server, Elevation Security Temporal: 6.1 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7 Elevation Version 2004 Security Temporal: 6.1 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7 Version 2004 Elevation Security Temporal: 6.1 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598242 Base: 7 Elevation Windows 10 Security Temporal: 6.1 Important of 4592438 Unknown Version 2004 Update Vector: Privilege for x64- CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1682 based Systems
Windows 4598242 Base: 7 Server, Elevation Security Temporal: 6.1 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
CVE-2021-1683 - Windows Bluetooth Security Feature Bypass Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows Bluetooth Security Feature Bypass Vulnerability Description: CVE-2021-1683 MITRE FAQ: Important Security Feature Bypass NVD None Mitigations: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1683
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Security Windows 10 4598242 Important Feature 4592438 Base: 5 Unknown Version 20H2 Security Bypass Temporal: 4.4
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1683 for x64-based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598242 Base: 5 Security Version 20H2 Security Temporal: 4.4 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598242 Base: 5 Version 20H2 Security Security Temporal: 4.4 for ARM64- Important Feature 4592438 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5 Server, Security Security Temporal: 4.4 version 20H2 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1683
Windows 10 4598245 Base: 5 Security Version 1803 Security Temporal: 4.4 Important Feature 4592446 Yes for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598245 Base: 5 Security Version 1803 Security Temporal: 4.4 Important Feature 4592446 Yes for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598245 Base: 5 Version 1803 Security Security Temporal: 4.4 for ARM64- Important Feature 4592446 Yes Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 5 Security Version 1809 Security Temporal: 4.4 Important Feature 4592440 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1683
Windows 10 4598230 Base: 5 Security Version 1809 Security Temporal: 4.4 Important Feature 4592440 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598230 Base: 5 Version 1809 Security Security Temporal: 4.4 for ARM64- Important Feature 4592440 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
4598230 Base: 5 Security Windows Security Temporal: 4.4 Important Feature 4592440 Unknown Server 2019 Update Vector: Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5 Security Server 2019 Security Temporal: 4.4 Important Feature 4592440 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1683
Windows 10 4598229 Base: 5 Security Version 1909 Security Temporal: 4.4 Important Feature 4592449 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Base: 5 Security Version 1909 Security Temporal: 4.4 Important Feature 4592449 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Base: 5 Version 1909 Security Security Temporal: 4.4 for ARM64- Important Feature 4592449 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 5 Server, Security Security Temporal: 4.4 version 1909 Important Feature 4592449 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1683
Windows 10 4598242 Base: 5 Security Version 2004 Security Temporal: 4.4 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598242 Base: 5 Version 2004 Security Security Temporal: 4.4 for ARM64- Important Feature 4592438 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 5 Security Version 2004 Security Temporal: 4.4 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598242 Base: 5 Server, Security Security Temporal: 4.4 version 2004 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1683
4598231 Base: 5 Windows 10 Security Security Temporal: 4.4 for 32-bit Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598231 Base: 5 Windows 10 Security Security Temporal: 4.4 for x64-based Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Base: 5 Security Version 1607 Security Temporal: 4.4 Important Feature 4593226 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Base: 5 Security Version 1607 Security Temporal: 4.4 Important Feature 4593226 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1683
4598243 Base: 5 Security Windows Security Temporal: 4.4 Important Feature 4593226 Unknown Server 2016 Update Vector: Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5 Security Server 2016 Security Temporal: 4.4 Important Feature 4593226 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598285 Monthly Base: 5 Windows 8.1 Rollup Security Temporal: 4.4 for 32-bit 4598275 Important Feature 4592484 Unknown Vector: systems Security Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
Windows 8.1 4598285 Security Base: 5 for x64-based Monthly Important Feature 4592484 Unknown Temporal: 4.4 systems Rollup Bypass
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1683
4598275 Vector: Security CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Base: 5 Security Windows RT Monthly Temporal: 4.4 Important Feature 4592484 Unknown 8.1 Rollup Vector: Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598285 Monthly Base: 5 Windows Rollup Security Temporal: 4.4 Server 2012 4598275 Important Feature 4592484 Unknown Vector: R2 Security Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Windows Security Monthly Base: 5 Server 2012 Important Feature 4592484 Unknown Rollup Temporal: 4.4 R2 (Server Bypass 4598275
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1683
Core Security Vector: installation) Only CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2021-1684 - Windows Bluetooth Security Feature Bypass Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows Bluetooth Security Feature Bypass Vulnerability Description:
FAQ: CVE-2021-1684 None MITRE Mitigations: Important Security Feature Bypass NVD None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1684
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 5 Security Version 20H2 Security Temporal: 4.4 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Security Windows 10 4598242 Important Feature 4592438 Base: 5 Unknown Version 20H2 Security Bypass Temporal: 4.4
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1684 for 32-bit Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598242 Base: 5 Version 20H2 Security Security Temporal: 4.4 for ARM64- Important Feature 4592438 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5 Server, Security Security Temporal: 4.4 version 20H2 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 5 Security Version 1803 Security Temporal: 4.4 Important Feature 4592446 Yes for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1684
Windows 10 4598245 Base: 5 Security Version 1803 Security Temporal: 4.4 Important Feature 4592446 Yes for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598245 Base: 5 Version 1803 Security Security Temporal: 4.4 for ARM64- Important Feature 4592446 Yes Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 5 Security Version 1809 Security Temporal: 4.4 Important Feature 4592440 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598230 Base: 5 Security Version 1809 Security Temporal: 4.4 Important Feature 4592440 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1684
Windows 10 4598230 Base: 5 Version 1809 Security Security Temporal: 4.4 for ARM64- Important Feature 4592440 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
4598230 Base: 5 Security Windows Security Temporal: 4.4 Important Feature 4592440 Unknown Server 2019 Update Vector: Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5 Security Server 2019 Security Temporal: 4.4 Important Feature 4592440 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Base: 5 Security Version 1909 Security Temporal: 4.4 Important Feature 4592449 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1684
Windows 10 4598229 Base: 5 Security Version 1909 Security Temporal: 4.4 Important Feature 4592449 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Base: 5 Version 1909 Security Security Temporal: 4.4 for ARM64- Important Feature 4592449 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 5 Server, Security Security Temporal: 4.4 version 1909 Important Feature 4592449 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 5 Security Version 2004 Security Temporal: 4.4 Important Feature 4592438 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1684
Windows 10 4598242 Base: 5 Version 2004 Security Security Temporal: 4.4 for ARM64- Important Feature 4592438 Unknown Update Vector: based Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 5 Security Version 2004 Security Temporal: 4.4 Important Feature 4592438 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598242 Base: 5 Server, Security Security Temporal: 4.4 version 2004 Important Feature 4592438 Unknown Update Vector: (Server Core Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
4598231 Base: 5 Windows 10 Security Security Temporal: 4.4 for 32-bit Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1684
4598231 Base: 5 Windows 10 Security Security Temporal: 4.4 for x64-based Important Feature 4592464 Yes Update Vector: Systems Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Base: 5 Security Version 1607 Security Temporal: 4.4 Important Feature 4593226 Unknown for 32-bit Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Base: 5 Security Version 1607 Security Temporal: 4.4 Important Feature 4593226 Unknown for x64-based Update Vector: Bypass Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598243 Base: 5 Security Windows Security Temporal: 4.4 Important Feature 4593226 Unknown Server 2016 Update Vector: Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1684
Windows 4598243 Base: 5 Security Server 2016 Security Temporal: 4.4 Important Feature 4593226 Unknown (Server Core Update Vector: Bypass installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598285 Monthly Base: 5 Windows 8.1 Rollup Security Temporal: 4.4 for 32-bit 4598275 Important Feature 4592484 Unknown Vector: systems Security Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Monthly Base: 5 Windows 8.1 Rollup Security Temporal: 4.4 for x64-based 4598275 Important Feature 4592484 Unknown Vector: systems Security Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1684
4598285 Base: 5 Security Windows RT Monthly Temporal: 4.4 Important Feature 4592484 Unknown 8.1 Rollup Vector: Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598285 Monthly Base: 5 Windows Rollup Security Temporal: 4.4 Server 2012 4598275 Important Feature 4592484 Unknown Vector: R2 Security Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 5 Server 2012 Rollup Security Temporal: 4.4 R2 (Server 4598275 Important Feature 4592484 Unknown Vector: Core Security Bypass CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1685 - Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1685 Elevation of None Important MITRE Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1685
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598245 Base: 7.3 Elevation Version 1803 Security Temporal: 6.4 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.3 Elevation Version 1803 Security Temporal: 6.4 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598245 Base: 7.3 Elevation Windows 10 Security Temporal: 6.4 Important of 4592446 Yes Version 1803 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1685 based Systems
Windows 10 4598230 Base: 7.3 Elevation Version 1809 Security Temporal: 6.4 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.3 Elevation Version 1809 Security Temporal: 6.4 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.3 Version 1809 Elevation Security Temporal: 6.4 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1685
4598230 Base: 7.3 Elevation Windows Security Temporal: 6.4 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.3 Elevation Server 2019 Security Temporal: 6.4 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.3 Elevation Version 1909 Security Temporal: 6.4 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.3 Elevation Version 1909 Security Temporal: 6.4 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1685
Windows 10 4598229 Base: 7.3 Version 1909 Elevation Security Temporal: 6.4 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.3 Server, Elevation Security Temporal: 6.4 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.3 Elevation Version 2004 Security Temporal: 6.4 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.3 Elevation Windows 10 Security Temporal: 6.4 Important of 4592438 Unknown Version 2004 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1685 based Systems
Windows 10 4598242 Base: 7.3 Elevation Version 2004 Security Temporal: 6.4 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.3 Server, Elevation Security Temporal: 6.4 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.3 Version Elevation Security Temporal: 6.4 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1685
Windows 10 4598242 Base: 7.3 Elevation Version Security Temporal: 6.4 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7.3 Elevation 20H2 for Security Temporal: 6.4 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.3 Server, Elevation Security Temporal: 6.4 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 Elevation for 32-bit 4598231 Important of 4592464 Base: 7.3 Yes Systems Security Privilege Temporal: 6.4
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1685
Update Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7.3 Windows 10 Elevation Security Temporal: 6.4 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.3 Elevation Version 1607 Security Temporal: 6.4 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.3 Elevation Version 1607 Security Temporal: 6.4 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Elevation Windows 4598243 Important of 4593226 Base: 7.3 Unknown Server 2016 Security Privilege Temporal: 6.4
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1685
Update Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.3 Elevation Server 2016 Security Temporal: 6.4 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2021-1686 - Windows WalletService Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows WalletService Elevation of Privilege Vulnerability Description: CVE-2021-1686 MITRE FAQ: Important Elevation of Privilege NVD None Mitigations: None Workarounds:
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1686
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
4598242 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592438 Unknown 10 Version Update Vector: Privilege 20H2 for CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1686 x64-based Systems
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: 32-bit Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 7.8 Elevation 20H2 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598245 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592446 Yes 1803 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1686
Windows 4598245 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1803 for Important of 4592446 Yes Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598245 Base: 7.8 Elevation 1803 for Security Temporal: 6.8 Important of 4592446 Yes ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598230 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592440 Unknown 1809 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Elevation 4598230 Base: 7.8 10 Version Important of 4592440 Unknown Security Temporal: 6.8 1809 for Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1686 x64-based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598230 Base: 7.8 Elevation 1809 for Security Temporal: 6.8 Important of 4592440 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592449 Unknown 1909 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598229 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1909 for Important of 4592449 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1686
Windows 10 Version 4598229 Base: 7.8 Elevation 1909 for Security Temporal: 6.8 Important of 4592449 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592438 Unknown 2004 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7.8 Elevation 2004 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1686
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 2004 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598231 Base: 7.8 Windows Elevation Security Temporal: 6.8 10 for 32- Important of 4592464 Yes Update Vector: bit Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598231 Base: 7.8 Elevation 10 for x64- Security Temporal: 6.8 Important of 4592464 Yes based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4593226 Unknown 1607 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1686
Windows 4598243 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1607 for Important of 4593226 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
CVE-2021-1687 - Windows WalletService Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows WalletService Elevation of Privilege Vulnerability Description:
CVE-2021-1687 FAQ: MITRE None Important Elevation of Privilege NVD Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1687
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1687
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: 32-bit Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 7.8 Elevation 20H2 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598245 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592446 Yes 1803 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Elevation 4598245 Base: 7.8 10 Version Important of 4592446 Yes Security Temporal: 6.8 1803 for Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1687 x64-based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598245 Base: 7.8 Elevation 1803 for Security Temporal: 6.8 Important of 4592446 Yes ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598230 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592440 Unknown 1809 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1809 for Important of 4592440 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1687
Windows 10 Version 4598230 Base: 7.8 Elevation 1809 for Security Temporal: 6.8 Important of 4592440 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592449 Unknown 1909 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598229 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1909 for Important of 4592449 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows Elevation 4598229 Base: 7.8 10 Version Important of 4592449 Unknown Security Temporal: 6.8 1909 for Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1687
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592438 Unknown 2004 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7.8 Elevation 2004 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 2004 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1687
4598231 Base: 7.8 Windows Elevation Security Temporal: 6.8 10 for 32- Important of 4592464 Yes Update Vector: bit Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598231 Base: 7.8 Elevation 10 for x64- Security Temporal: 6.8 Important of 4592464 Yes based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4593226 Unknown 1607 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1607 for Important of 4593226 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688 - Windows CSC Service Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows CSC Service Elevation of Privilege Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1688 None MITRE Important Elevation of Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 7 4598279 Base: 7.8 for 32-bit Elevation Monthly Temporal: 6.8 Systems Important of 4592471 Unknown Rollup Vector: Service Pack Privilege 4598289 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for x64-based Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Base: 7.8 Elevation Server 2008 Monthly Temporal: 6.8 Important of 4592498 Unknown for x64-based Rollup Vector: Privilege Systems 4598287 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
2 (Server Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 7.8 Rollup Elevation Server 2012 Temporal: 6.8 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Windows Elevation Monthly Temporal: 6.8 Server 2012 Important of 4592484 Unknown Rollup Vector: R2 Privilege 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1688
Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1689 - Windows Multipoint Management Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows Multipoint Management Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1689 Elevation of None Important MITRE Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1689
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version Security Temporal: 6.8 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Elevation 4598242 Base: 7.8 Version Important of 4592438 Unknown Security Temporal: 6.8 20H2 for Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1689
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for x64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1689
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for x64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592440 Unknown Version 1809 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1689 based Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Elevation 4598229 Base: 7.8 Version 1909 Important of 4592449 Unknown Security Temporal: 6.8 for x64- Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1689 based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1689
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for x64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 Elevation for 32-bit 4598231 Important of 4592464 Base: 7.8 Yes Systems Security Privilege Temporal: 6.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1689
Update Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598231 Base: 7.8 Elevation for x64- Security Temporal: 6.8 Important of 4592464 Yes based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Version 1607 Elevation Security Temporal: 6.8 for x64- Important of 4593226 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1689
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2021-1690 - Windows WalletService Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows WalletService Elevation of Privilege Vulnerability CVE-2021-1690 Description: MITRE Important Elevation of Privilege NVD FAQ: None Mitigations:
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1690
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1690
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: 32-bit Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 7.8 Elevation 20H2 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1690
Windows 4598245 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592446 Yes 1803 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598245 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1803 for Important of 4592446 Yes Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598245 Base: 7.8 Elevation 1803 for Security Temporal: 6.8 Important of 4592446 Yes ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Elevation Windows 4598230 Important of 4592440 Base: 7.8 Unknown 10 Version Security Privilege Temporal: 6.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1690
1809 for 32- Update Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1809 for Important of 4592440 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598230 Base: 7.8 Elevation 1809 for Security Temporal: 6.8 Important of 4592440 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592449 Unknown 1909 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1690
Windows 4598229 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1909 for Important of 4592449 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598229 Base: 7.8 Elevation 1909 for Security Temporal: 6.8 Important of 4592449 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4592438 Unknown 2004 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Elevation 4598242 Base: 7.8 10 Version Important of 4592438 Unknown Security Temporal: 6.8 2004 for Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1690
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 10 Version Elevation Security Temporal: 6.8 2004 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598231 Base: 7.8 Windows Elevation Security Temporal: 6.8 10 for 32- Important of 4592464 Yes Update Vector: bit Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598231 Base: 7.8 Elevation 10 for x64- Security Temporal: 6.8 Important of 4592464 Yes based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1690
Windows 4598243 Base: 7.8 Elevation 10 Version Security Temporal: 6.8 Important of 4593226 Unknown 1607 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 10 Version Elevation Security Temporal: 6.8 1607 for Important of 4593226 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
CVE-2021-1691 - Hyper-V Denial of Service Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Hyper-V Denial of Service Vulnerability CVE-2021-1691 Description: MITRE Important Denial of Service NVD FAQ: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1691
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1691
Windows 10 4598242 Base: 7.7 Denial Version 20H2 Security Temporal: 6.7 Important of 4592438 Unknown for x64-based Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.7 Server, Denial Security Temporal: 6.7 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Service CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598229 Base: 7.7 Denial Version 1909 Security Temporal: 6.7 Important of 4592449 Unknown for x64-based Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 4598229 Base: 7.7 Server, Denial Security Temporal: 6.7 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Service CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1691
Windows 10 4598242 Base: 7.7 Denial Version 2004 Security Temporal: 6.7 Important of 4592438 Unknown for x64-based Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.7 Server, Denial Security Temporal: 6.7 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Service CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C installation)
CVE-2021-1692 - Hyper-V Denial of Service Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Hyper-V Denial of Service Vulnerability CVE-2021-1692 Description: MITRE Important Denial of Service NVD FAQ: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1692
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1692
4598231 Base: 7.7 Windows 10 Denial Security Temporal: 6.7 for x64-based Important of 4592464 Yes Update Vector: Systems Service CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.7 Denial Version 1607 Security Temporal: 6.7 Important of 4593226 Unknown for x64-based Update Vector: Service Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
4598243 Base: 7.7 Denial Windows Security Temporal: 6.7 Important of 4593226 Unknown Server 2016 Update Vector: Service CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.7 Denial Server 2016 Security Temporal: 6.7 Important of 4593226 Unknown (Server Core Update Vector: Service installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1692
4598285 Monthly Base: 7.7 Windows 8.1 Rollup Denial Temporal: 6.7 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Service CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.7 Windows Rollup Denial Temporal: 6.7 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Service CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C Only
Windows 4598285 Base: 7.7 Server 2012 Denial Monthly Temporal: 6.7 R2 (Server Important of 4592484 Unknown Rollup Vector: Core Service 4598275 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C installation) Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1692
Only
CVE-2021-1693 - Windows CSC Service Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows CSC Service Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021-1693 Mitigations: MITRE None Important Elevation of Privilege NVD Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1693
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592438 Unknown Version 2004 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693 based Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.8 for 32-bit Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 7.8 Monthly Elevation Server 2008 Temporal: 6.8 Rollup Important of 4592498 Unknown for x64-based Vector: 4598287 Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Elevation Windows Monthly Important of 4592468 Base: 7.8 Unknown Server 2012 Rollup Privilege Temporal: 6.8 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1693
(Server Core Security Vector: installation) Only CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows Rollup Elevation Temporal: 6.8 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694 - Windows Update Stack Elevation of Privilege Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Windows Update Stack Elevation of Privilege Vulnerability Description:
FAQ:
What is the attack vector for this vulnerability?
To exploit this vulnerability, an attacker would need to launch a man-in-the-middle CVE-2021- (MiTM) attack against the traffic passing between a domain controller and the target 1694 machine. Elevation of Important MITRE Privilege
NVD Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1694
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598245 Base: 7.5 Elevation Version 1803 Security Temporal: 6.5 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Elevation 4598245 Base: 7.5 Version 1803 Important of 4592446 Yes Security Temporal: 6.5 for x64- Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694 based Update Vector: Systems CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.5 Version 1803 Elevation Security Temporal: 6.5 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.5 Elevation Version 1809 Security Temporal: 6.5 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.5 Version 1809 Elevation Security Temporal: 6.5 for x64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
Windows 10 4598230 Base: 7.5 Version 1809 Elevation Security Temporal: 6.5 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.5 Elevation Windows Security Temporal: 6.5 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.5 Elevation Server 2019 Security Temporal: 6.5 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.5 Elevation Version 1909 Security Temporal: 6.5 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
Windows 10 4598229 Base: 7.5 Version 1909 Elevation Security Temporal: 6.5 for x64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598229 Base: 7.5 Version 1909 Elevation Security Temporal: 6.5 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.5 Server, Elevation Security Temporal: 6.5 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Elevation Windows 10 4598242 Important of 4592438 Base: 7.5 Unknown Version 2004 Security Privilege Temporal: 6.5
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694 for 32-bit Update Vector: Systems CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.5 Version 2004 Elevation Security Temporal: 6.5 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.5 Version 2004 Elevation Security Temporal: 6.5 for x64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.5 Server, Elevation Security Temporal: 6.5 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
4598231 Base: 7.5 Windows 10 Elevation Security Temporal: 6.5 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598231 Base: 7.5 Elevation for x64- Security Temporal: 6.5 Important of 4592464 Yes based Update Vector: Privilege Systems CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.5 Elevation Version 1607 Security Temporal: 6.5 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.5 Version 1607 Elevation Security Temporal: 6.5 for x64- Important of 4593226 Unknown Update Vector: based Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
4598243 Base: 7.5 Elevation Windows Security Temporal: 6.5 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.5 Elevation Server 2016 Security Temporal: 6.5 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.5 for 32-bit Rollup Elevation Temporal: 6.5 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
Windows 7 4598279 Elevation Base: 7.5 for x64- Monthly Important of 4592471 Unknown Temporal: 6.5 based Rollup Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
Systems 4598289 Vector: Service Pack Security CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 7.5 Windows 8.1 Rollup Elevation Temporal: 6.5 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Windows 8.1 Base: 7.5 Rollup Elevation for x64- Temporal: 6.5 4598275 Important of 4592484 Unknown based Vector: Security Privilege systems CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
4598285 Base: 7.5 Elevation Windows RT Monthly Temporal: 6.5 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 7.5 Rollup Elevation for 32-bit Temporal: 6.5 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.5 Rollup Elevation Systems Temporal: 6.5 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
Windows 4598288 Server 2008 Monthly Base: 7.5 for x64- Rollup Elevation Temporal: 6.5 based 4598287 Important of 4592498 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 2
Windows Server 2008 4598288 for x64- Monthly Base: 7.5 based Rollup Elevation Temporal: 6.5 Systems 4598287 Important of 4592498 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 2 (Server Only Core installation)
Windows 4598279 Elevation Server 2008 Monthly Important of 4592471 Base: 7.5 Unknown R2 for x64- Rollup Privilege Temporal: 6.5 based 4598289
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
Systems Security Vector: Service Pack Only CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.5 based Rollup Elevation Temporal: 6.5 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.5 Rollup Elevation Windows Temporal: 6.5 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
4598278 Monthly Windows Base: 7.5 Rollup Elevation Server 2012 Temporal: 6.5 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.5 Windows Rollup Elevation Temporal: 6.5 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
Windows 4598285 Base: 7.5 Server 2012 Elevation Monthly Temporal: 6.5 R2 (Server Important of 4592484 Unknown Rollup Vector: Core Privilege 4598275 CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
Only
Windows 10 4598242 Base: 7.5 Version Elevation Security Temporal: 6.5 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.5 Elevation Version Security Temporal: 6.5 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7.5 Elevation 20H2 for Security Temporal: 6.5 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1694
Windows 4598242 Base: 7.5 Server, Elevation Security Temporal: 6.5 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
CVE-2021-1695 - Windows Print Spooler Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows Print Spooler Elevation of Privilege Vulnerability Description:
CVE-2021-1695 FAQ: MITRE None Important Elevation of Privilege NVD Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1695
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.8 for 32-bit Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 7.8 Monthly Elevation Server 2008 Temporal: 6.8 Rollup Important of 4592498 Unknown for x64-based Vector: 4598287 Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Elevation Windows Monthly Important of 4592468 Base: 7.8 Unknown Server 2012 Rollup Privilege Temporal: 6.8 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1695
(Server Core Security Vector: installation) Only CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows Rollup Elevation Temporal: 6.8 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696 - Windows Graphics Component Information Disclosure Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows Graphics Component Information Disclosure Vulnerability Description:
FAQ:
What type of information could be disclosed by this vulnerability?
CVE-2021- The type of information that could be disclosed if an attacker successfully exploited 1696 Information this vulnerability is uninitialized memory. Important MITRE Disclosure NVD Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1696
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 5.5 20H2 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 20H2 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core Installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
Windows 4598245 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592446 Yes 1803 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598245 Base: 5.5 10 Version Security Information Temporal: 4.8 1803 for Important 4592446 Yes Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598245 Base: 5.5 1803 for Security Information Temporal: 4.8 Important 4592446 Yes ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Information Windows 4598230 Important 4592440 Base: 5.5 Unknown 10 Version Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
1809 for 32- Update Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.5 10 Version Security Information Temporal: 4.8 1809 for Important 4592440 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598230 Base: 5.5 1809 for Security Information Temporal: 4.8 Important 4592440 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
4598230 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4592440 Unknown Server 2019 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
Windows 4598230 Base: 5.5 Server 2019 Security Information Temporal: 4.8 (Server Important 4592440 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
Windows 4598229 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592449 Unknown 1909 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598229 Base: 5.5 10 Version Security Information Temporal: 4.8 1909 for Important 4592449 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 5.5 Security Information Temporal: 4.8 10 Version Important 4592449 Unknown 1909 for Update Disclosure Vector: ARM64- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696 based Systems
Windows Server, 4598229 Base: 5.5 version Security Information Temporal: 4.8 1909 Important 4592449 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4592438 Unknown 2004 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598242 Base: 5.5 Security Information Temporal: 4.8 10 Version Important 4592438 Unknown 2004 for Update Disclosure Vector: ARM64- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696 based Systems
Windows 4598242 Base: 5.5 10 Version Security Information Temporal: 4.8 2004 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 2004 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
4598231 Base: 5.5 Windows Security Information Temporal: 4.8 10 for 32-bit Important 4592464 Yes Update Disclosure Vector: Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
Windows 4598231 Base: 5.5 10 for x64- Security Information Temporal: 4.8 Important 4592464 Yes based Update Disclosure Vector: Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5.5 10 Version Security Information Temporal: 4.8 Important 4593226 Unknown 1607 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5.5 10 Version Security Information Temporal: 4.8 1607 for Important 4593226 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
4598243 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4593226 Unknown Server 2016 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
Windows 4598243 Base: 5.5 Server 2016 Security Information Temporal: 4.8 (Server Important 4593226 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
4598279 Windows 7 Monthly Base: 5.5 for 32-bit Rollup Information Temporal: 4.8 Systems 4598289 Important 4592471 Unknown Disclosure Vector: Service Security CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Pack 1 Only
4598279 Windows 7 Monthly for x64- Base: 5.5 Rollup based Information Temporal: 4.8 4598289 Important 4592471 Unknown Systems Disclosure Vector: Security Service CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
4598285 Monthly Base: 5.5 Windows Rollup Information Temporal: 4.8 8.1 for 32- 4598275 Important 4592484 Unknown Disclosure Vector: bit systems Security CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Monthly Windows Base: 5.5 Rollup 8.1 for x64- Information Temporal: 4.8 4598275 Important 4592484 Unknown based Disclosure Vector: Security systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Base: 5.5 Windows Monthly Information Temporal: 4.8 Important 4592484 Unknown RT 8.1 Rollup Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
4598288 Windows Monthly Server 2008 Base: 5.5 Rollup for 32-bit Information Temporal: 4.8 4598287 Important 4592498 Unknown Systems Disclosure Vector: Security Service CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only Pack 2
Windows Server 2008 4598288 for 32-bit Monthly Base: 5.5 Systems Rollup Information Temporal: 4.8 Service 4598287 Important 4592498 Unknown Disclosure Vector: Pack 2 Security CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C (Server Only Core installation)
Windows 4598288 Information Server 2008 Monthly Important 4592498 Base: 5.5 Unknown for x64- Rollup Disclosure Temporal: 4.8 based 4598287
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
Systems Security Vector: Service Only CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Pack 2
Windows Server 2008 4598288 for x64- Monthly based Base: 5.5 Rollup Systems Information Temporal: 4.8 4598287 Important 4592498 Unknown Service Disclosure Vector: Security Pack 2 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only (Server
Core installation)
Windows 4598279 Server 2008 Monthly Base: 5.5 R2 for x64- Rollup Information Temporal: 4.8 based 4598289 Important 4592471 Unknown Disclosure Vector: Systems Security CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Service Only Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
Windows Server 2008 4598279 R2 for x64- Monthly based Base: 5.5 Rollup Systems Information Temporal: 4.8 4598289 Important 4592471 Unknown Service Disclosure Vector: Security Pack 1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only (Server
Core installation)
4598278 Monthly Base: 5.5 Rollup Windows Information Temporal: 4.8 4598297 Important 4592468 Unknown Server 2012 Disclosure Vector: Security CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
Windows 4598278 Information Base: 5.5 Server 2012 Monthly Important 4592468 Unknown Disclosure Temporal: 4.8 (Server Rollup
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1696
Core 4598297 Vector: installation) Security CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Monthly Base: 5.5 Windows Rollup Information Temporal: 4.8 Server 2012 4598275 Important 4592484 Unknown Disclosure Vector: R2 Security CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 5.5 Server 2012 Rollup Information Temporal: 4.8 R2 (Server 4598275 Important 4592484 Unknown Disclosure Vector: Core Security CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1697 - Windows InstallService Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows InstallService Elevation of Privilege Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1697 None MITRE Important Elevation of Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1697
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version Security Temporal: 6.8 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7.8 Elevation 20H2 for Security Temporal: 6.8 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1697
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for x64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598245 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592446 Yes Version 1803 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1697 based Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for x64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1697
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for x64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1697
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598242 Base: 7.8 Elevation Windows 10 Security Temporal: 6.8 Important of 4592438 Unknown Version 2004 Update Vector: Privilege for ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1697 based Systems
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for x64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1697
Windows 10 4598231 Base: 7.8 Elevation for x64- Security Temporal: 6.8 Important of 4592464 Yes based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Version 1607 Elevation Security Temporal: 6.8 for x64- Important of 4593226 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1697
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2021-1699 - Windows (modem.sys) Information Disclosure Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows (modem.sys) Information Disclosure Vulnerability CVE-2021- Description: 1699 Information Important MITRE FAQ: Disclosure NVD What type of information could be disclosed by this vulnerability?
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 5.5 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 5.5 Version Security Information Temporal: 4.8 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 5.5 20H2 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
Windows Server, 4598242 Base: 5.5 version Security Information Temporal: 4.8 20H2 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core Installation)
Windows 10 4598245 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592446 Yes 1803 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598245 Base: 5.5 Version Security Information Temporal: 4.8 1803 for Important 4592446 Yes Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Information Windows 10 4598245 Important 4592446 Base: 5.5 Yes Version Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
1803 for Update Vector: ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C based Systems
Windows 10 4598230 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592440 Unknown 1809 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598230 Base: 5.5 Version Security Information Temporal: 4.8 1809 for Important 4592440 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 5.5 Security Information Temporal: 4.8 Version Important 4592440 Unknown 1809 for Update Disclosure Vector: ARM64- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699 based Systems
4598230 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4592440 Unknown Server 2019 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.5 Server 2019 Security Information Temporal: 4.8 (Server Important 4592440 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
Windows 10 4598229 Base: 5.5 Version Security Information Temporal: 4.8 Important 4592449 Unknown 1909 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598229 Information Base: 5.5 Version Important 4592449 Unknown Security Disclosure Temporal: 4.8 1909 for
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699 x64-based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 Version 4598229 Base: 5.5 1909 for Security Information Temporal: 4.8 Important 4592449 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598229 Base: 5.5 version Security Information Temporal: 4.8 1909 Important 4592449 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
Information Windows 10 4598242 Important 4592438 Base: 5.5 Unknown Version Security Disclosure Temporal: 4.8
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
2004 for 32- Update Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 5.5 2004 for Security Information Temporal: 4.8 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 5.5 Version Security Information Temporal: 4.8 2004 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.5 Server, Security Information Temporal: 4.8 Important 4592438 Unknown version Update Disclosure Vector: 2004 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C (Server
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
Core installation)
4598231 Base: 5.5 Windows 10 Security Information Temporal: 4.8 for 32-bit Important 4592464 Yes Update Disclosure Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598231 Base: 5.5 for x64- Security Information Temporal: 4.8 Important 4592464 Yes based Update Disclosure Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Base: 5.5 Version Security Information Temporal: 4.8 Important 4593226 Unknown 1607 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 10 4598243 Information Base: 5.5 Version Important 4593226 Unknown Security Disclosure Temporal: 4.8 1607 for
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699 x64-based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598243 Base: 5.5 Windows Security Information Temporal: 4.8 Important 4593226 Unknown Server 2016 Update Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5.5 Server 2016 Security Information Temporal: 4.8 (Server Important 4593226 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
4598279 Windows 7 Monthly Base: 5.5 for 32-bit Rollup Information Temporal: 4.8 Systems 4598289 Important 4592471 Unknown Disclosure Vector: Service Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Pack 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
4598279 Windows 7 Monthly for x64- Base: 5.5 Rollup based Information Temporal: 4.8 4598289 Important 4592471 Unknown Systems Disclosure Vector: Security Service CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only Pack 1
4598285 Monthly Base: 5.5 Windows Rollup Information Temporal: 4.8 8.1 for 32- 4598275 Important 4592484 Unknown Disclosure Vector: bit systems Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
Windows 4598285 Base: 5.5 8.1 for x64- Monthly Information Temporal: 4.8 Important 4592484 Unknown based Rollup Disclosure Vector: systems 4598275 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
Only
4598285 Base: 5.5 Windows Monthly Information Temporal: 4.8 Important 4592484 Unknown RT 8.1 Rollup Disclosure Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 5.5 Rollup for 32-bit Information Temporal: 4.8 4598287 Important 4592498 Unknown Systems Disclosure Vector: Security Service CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only Pack 2
Windows 4598288 Server 2008 Base: 5.5 Monthly for 32-bit Information Temporal: 4.8 Rollup Important 4592498 Unknown Systems Disclosure Vector: 4598287 Service CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Security Pack 2
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
(Server Only Core installation)
Windows 4598288 Server 2008 Monthly Base: 5.5 for x64- Rollup Information Temporal: 4.8 based 4598287 Important 4592498 Unknown Disclosure Vector: Systems Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Service Only Pack 2
Windows Server 2008 4598288 for x64- Monthly based Base: 5.5 Rollup Systems Information Temporal: 4.8 4598287 Important 4592498 Unknown Service Disclosure Vector: Security Pack 2 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only (Server
Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
Windows 4598279 Server 2008 Monthly Base: 5.5 R2 for x64- Rollup Information Temporal: 4.8 based 4598289 Important 4592471 Unknown Disclosure Vector: Systems Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Service Only Pack 1
Windows Server 2008 4598279 R2 for x64- Monthly based Base: 5.5 Rollup Systems Information Temporal: 4.8 4598289 Important 4592471 Unknown Service Disclosure Vector: Security Pack 1 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only (Server
Core installation)
4598278 Windows Information Base: 5.5 Monthly Important 4592468 Unknown Server 2012 Disclosure Temporal: 4.8 Rollup
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
4598297 Vector: Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598278 Windows Monthly Base: 5.5 Server 2012 Rollup Information Temporal: 4.8 (Server 4598297 Important 4592468 Unknown Disclosure Vector: Core Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
4598285 Monthly Base: 5.5 Windows Rollup Information Temporal: 4.8 Server 2012 4598275 Important 4592484 Unknown Disclosure Vector: R2 Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1699
4598285 Windows Monthly Base: 5.5 Server 2012 Rollup Information Temporal: 4.8 R2 (Server 4598275 Important 4592484 Unknown Disclosure Vector: Core Security CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
CVE-2021-1700 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE-2021- CVE Title: Remote Procedure Call Runtime Remote Code Execution 1700 Vulnerability Remote Code Important MITRE Description: Execution NVD FAQ:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
None Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1700
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
Windows 10 4598242 Base: 8.8 Version Remote Security Temporal: 7.7 20H2 for Important Code 4592438 Unknown Update Vector: x64-based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 8.8 Remote Version Security Temporal: 7.7 Important Code 4592438 Unknown 20H2 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 8.8 Remote 20H2 for Security Temporal: 7.7 Important Code 4592438 Unknown ARM64- Update Vector: Execution based CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows Remote 4598242 Base: 8.8 Server, Important Code 4592438 Unknown Security Temporal: 7.7 version 20H2 Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
(Server Core Update Vector: Installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Important Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for x64- Important Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for ARM64- Important Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Important Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for x64- Important Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for ARM64- Important Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 8.8 Remote Windows Security Temporal: 7.7 Important Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
Windows 4598230 Base: 8.8 Remote Server 2019 Security Temporal: 7.7 Important Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Important Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for x64- Important Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for ARM64- Important Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
Windows 4598229 Base: 8.8 Server, Remote Security Temporal: 7.7 version 1909 Important Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Important Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 8.8 Version 2004 Remote Security Temporal: 7.7 for ARM64- Important Code 4592438 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598242 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Important Code 4592438 Unknown Version 2004 Update Vector: Execution for x64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700 based Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 2004 Important Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 8.8 Windows 10 Remote Security Temporal: 7.7 for 32-bit Important Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598231 Base: 8.8 Remote for x64- Security Temporal: 7.7 Important Code 4592464 Yes based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Important Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Version 1607 Remote Security Temporal: 7.7 for x64- Important Code 4593226 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598243 Base: 8.8 Remote Windows Security Temporal: 7.7 Important Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 8.8 Remote Server 2016 Security Temporal: 7.7 Important Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
4598279 Windows 7 Monthly Base: 8.8 for 32-bit Rollup Remote Temporal: 7.7 Systems 4598289 Important Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly for x64- Base: 8.8 Rollup Remote based Temporal: 7.7 4598289 Important Code 4592471 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 1
4598285 Base: 8.8 Windows 8.1 Remote Monthly Temporal: 7.7 for 32-bit Important Code 4592484 Unknown Rollup Vector: systems Execution 4598275 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
Only
4598285 Monthly Windows 8.1 Base: 8.8 Rollup Remote for x64- Temporal: 7.7 4598275 Important Code 4592484 Unknown based Vector: Security Execution systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 8.8 Remote Windows RT Monthly Temporal: 7.7 Important Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Base: 8.8 Monthly Remote Server 2008 Temporal: 7.7 Rollup Important Code 4592498 Unknown for 32-bit Vector: 4598287 Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Important Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598288 Server 2008 Monthly Base: 8.8 for x64- Rollup Remote Temporal: 7.7 based 4598287 Important Code 4592498 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 2
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
Windows Server 2008 4598288 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598287 Important Code 4592498 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 2 (Server Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 8.8 R2 for x64- Rollup Remote Temporal: 7.7 based 4598289 Important Code 4592471 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows 4598279 Remote Server 2008 Monthly Important Code 4592471 Base: 8.8 Unknown R2 for x64- Rollup Execution Temporal: 7.7 based 4598289
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
Systems Security Vector: Service Pack Only CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Core installation)
4598278 Monthly Base: 8.8 Rollup Remote Windows Temporal: 7.7 4598297 Important Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 8.8 Rollup Remote Server 2012 Temporal: 7.7 4598297 Important Code 4592468 Unknown (Server Core Vector: Security Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1700
4598285 Monthly Base: 8.8 Windows Rollup Remote Temporal: 7.7 Server 2012 4598275 Important Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 8.8 Server 2012 Rollup Remote Temporal: 7.7 R2 (Server 4598275 Important Code 4592484 Unknown Vector: Core Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1701 Remote Code None Important MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1701
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 8.8 Version Remote Security Temporal: 7.7 20H2 for Important Code 4592438 Unknown Update Vector: x64-based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 8.8 Remote Version Security Temporal: 7.7 Important Code 4592438 Unknown 20H2 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Remote 4598242 Base: 8.8 Version Important Code 4592438 Unknown Security Temporal: 7.7 20H2 for Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
ARM64- Update Vector: based CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 20H2 Important Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 8.8 Remote Version 1803 Security Temporal: 7.7 Important Code 4592446 Yes for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for x64- Important Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
Windows 10 4598245 Base: 8.8 Version 1803 Remote Security Temporal: 7.7 for ARM64- Important Code 4592446 Yes Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 8.8 Remote Version 1809 Security Temporal: 7.7 Important Code 4592440 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 8.8 Version 1809 Remote Security Temporal: 7.7 for x64- Important Code 4592440 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 8.8 Remote Windows 10 Security Temporal: 7.7 Important Code 4592440 Unknown Version 1809 Update Vector: Execution for ARM64- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701 based Systems
4598230 Base: 8.8 Remote Windows Security Temporal: 7.7 Important Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 8.8 Remote Server 2019 Security Temporal: 7.7 Important Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Remote Version 1909 Security Temporal: 7.7 Important Code 4592449 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Remote 4598229 Base: 8.8 Version 1909 Important Code 4592449 Unknown Security Temporal: 7.7 for x64- Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701 based Update Vector: Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 8.8 Version 1909 Remote Security Temporal: 7.7 for ARM64- Important Code 4592449 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 8.8 Server, Remote Security Temporal: 7.7 version 1909 Important Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 8.8 Remote Version 2004 Security Temporal: 7.7 Important Code 4592438 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
Windows 10 4598242 Base: 8.8 Version 2004 Remote Security Temporal: 7.7 for ARM64- Important Code 4592438 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 8.8 Version 2004 Remote Security Temporal: 7.7 for x64- Important Code 4592438 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 8.8 Server, Remote Security Temporal: 7.7 version 2004 Important Code 4592438 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 Remote for 32-bit 4598231 Important Code 4592464 Base: 8.8 Yes Systems Security Execution Temporal: 7.7
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
Update Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598231 Base: 8.8 Remote for x64- Security Temporal: 7.7 Important Code 4592464 Yes based Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Remote Version 1607 Security Temporal: 7.7 Important Code 4593226 Unknown for 32-bit Update Vector: Execution Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 8.8 Version 1607 Remote Security Temporal: 7.7 for x64- Important Code 4593226 Unknown Update Vector: based Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
4598243 Base: 8.8 Remote Windows Security Temporal: 7.7 Important Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 8.8 Remote Server 2016 Security Temporal: 7.7 Important Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 8.8 for 32-bit Rollup Remote Temporal: 7.7 Systems 4598289 Important Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
Windows 7 4598279 Remote Base: 8.8 for x64- Monthly Important Code 4592471 Unknown Temporal: 7.7 based Rollup Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
Systems 4598289 Vector: Service Pack Security CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 8.8 Windows 8.1 Rollup Remote Temporal: 7.7 for 32-bit 4598275 Important Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Windows 8.1 Base: 8.8 Rollup Remote for x64- Temporal: 7.7 4598275 Important Code 4592484 Unknown based Vector: Security Execution systems CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
4598285 Base: 8.8 Remote Windows RT Monthly Temporal: 7.7 Important Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 8.8 Rollup Remote for 32-bit Temporal: 7.7 4598287 Important Code 4592498 Unknown Systems Vector: Security Execution Service Pack CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 8.8 Rollup Remote Systems Temporal: 7.7 4598287 Important Code 4592498 Unknown Service Pack Vector: Security Execution 2 (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
Windows 4598288 Server 2008 Monthly Base: 8.8 for x64- Rollup Remote Temporal: 7.7 based 4598287 Important Code 4592498 Unknown Vector: Systems Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 2
Windows Server 2008 4598288 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598287 Important Code 4592498 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 2 (Server Only Core installation)
Windows 4598279 Remote Server 2008 Monthly Important Code 4592471 Base: 8.8 Unknown R2 for x64- Rollup Execution Temporal: 7.7 based 4598289
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
Systems Security Vector: Service Pack Only CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 8.8 based Rollup Remote Temporal: 7.7 Systems 4598289 Important Code 4592471 Unknown Vector: Service Pack Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 8.8 Rollup Remote Windows Temporal: 7.7 4598297 Important Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
4598278 Monthly Windows Base: 8.8 Rollup Remote Server 2012 Temporal: 7.7 4598297 Important Code 4592468 Unknown (Server Core Vector: Security Execution installation) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 8.8 Windows Rollup Remote Temporal: 7.7 Server 2012 4598275 Important Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
Windows 4598285 Base: 8.8 Server 2012 Remote Monthly Temporal: 7.7 R2 (Server Important Code 4592484 Unknown Rollup Vector: Core Execution 4598275 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1701
Only
CVE-2021-1702 - Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability Description: CVE-2021- 1702 Elevation of FAQ: Important MITRE None Privilege NVD Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1702
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
Windows 10 4598242 Base: 7.8 Elevation Version 20H2 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 20H2 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
Windows 10 4598245 Base: 7.8 Elevation Version 1803 Security Temporal: 6.8 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version 1803 Elevation Security Temporal: 6.8 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Elevation Version 1809 Security Temporal: 6.8 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
Windows 10 4598230 Base: 7.8 Version 1809 Elevation Security Temporal: 6.8 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Elevation Server 2019 Security Temporal: 6.8 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
Windows 10 4598229 Base: 7.8 Elevation Version 1909 Security Temporal: 6.8 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Version 1909 Elevation Security Temporal: 6.8 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
4598231 Base: 7.8 Windows 10 Elevation Security Temporal: 6.8 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Elevation Version 1607 Security Temporal: 6.8 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Elevation Windows Security Temporal: 6.8 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
Windows 4598243 Base: 7.8 Elevation Server 2016 Security Temporal: 6.8 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.8 for 32-bit Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 7.8 for x64-based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Elevation Temporal: 6.8 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Elevation Windows RT Monthly Temporal: 6.8 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
4598288 Windows Monthly Server 2008 Base: 7.8 Rollup Elevation for 32-bit Temporal: 6.8 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 7.8 Monthly Elevation Server 2008 Temporal: 6.8 Rollup Important of 4592498 Unknown for x64-based Vector: 4598287 Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.8 Rollup Elevation Systems Temporal: 6.8 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.8 R2 for x64- Rollup Elevation Temporal: 6.8 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.8 based Rollup Elevation Temporal: 6.8 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.8 Rollup Elevation Windows Temporal: 6.8 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Elevation Windows Monthly Important of 4592468 Base: 7.8 Unknown Server 2012 Rollup Privilege Temporal: 6.8 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1702
(Server Core Security Vector: installation) Only CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows Rollup Elevation Temporal: 6.8 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.8 Server 2012 Rollup Elevation Temporal: 6.8 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1703 - Windows Event Logging Service Elevation of Privilege Vulnerability
Maximum Severity Vulnerability CVE ID Vulnerability Description Rating Impact
CVE Title: Windows Event Logging Service Elevation of Privilege Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1703 Elevation of None Important MITRE Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1703
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Version Elevation Security Temporal: 6.8 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Elevation Version Security Temporal: 6.8 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Elevation 4598242 Base: 7.8 Version Important of 4592438 Unknown Security Temporal: 6.8 20H2 for Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1703
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598242 Base: 7.8 Elevation Version 2004 Security Temporal: 6.8 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1703
Windows 10 4598242 Base: 7.8 Version 2004 Elevation Security Temporal: 6.8 for x64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.8 Server, Elevation Security Temporal: 6.8 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
CVE-2021-1704 - Windows Hyper-V Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1704 CVE Title: Windows Hyper-V Elevation of Privilege Vulnerability MITRE Description: Important Elevation of Privilege NVD FAQ:
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
None Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1704
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1704
Windows 10 4598242 Base: 7.3 Elevation Version 20H2 Security Temporal: 6.4 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.3 Server, Elevation Security Temporal: 6.4 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.3 Elevation Version 1803 Security Temporal: 6.4 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.3 Elevation Version 1809 Security Temporal: 6.4 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1704
4598230 Base: 7.3 Elevation Windows Security Temporal: 6.4 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.3 Elevation Server 2019 Security Temporal: 6.4 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.3 Elevation Version 1909 Security Temporal: 6.4 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598229 Base: 7.3 Server, Elevation Security Temporal: 6.4 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1704
Windows 10 4598242 Base: 7.3 Elevation Version 2004 Security Temporal: 6.4 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.3 Server, Elevation Security Temporal: 6.4 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7.3 Windows 10 Elevation Security Temporal: 6.4 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.3 Elevation Version 1607 Security Temporal: 6.4 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1704
4598243 Base: 7.3 Elevation Windows Security Temporal: 6.4 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.3 Elevation Server 2016 Security Temporal: 6.4 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.3 for x64-based Rollup Elevation Temporal: 6.4 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
Windows 8.1 4598285 Elevation Base: 7.3 for x64-based Monthly Important of 4592484 Unknown Temporal: 6.4 systems Rollup Privilege
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1704
4598275 Vector: Security CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598288 Windows Monthly Server 2008 Base: 7.3 Rollup Elevation for x64-based Temporal: 6.4 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.3 Rollup Elevation Systems Temporal: 6.4 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1704
Windows 4598279 Server 2008 Monthly Base: 7.3 R2 for x64- Rollup Elevation Temporal: 6.4 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.3 based Rollup Elevation Temporal: 6.4 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Elevation Windows Monthly Important of 4592468 Base: 7.3 Unknown Server 2012 Rollup Privilege Temporal: 6.4 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1704
Security Vector: Only CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598278 Monthly Windows Base: 7.3 Rollup Elevation Server 2012 Temporal: 6.4 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.3 Windows Rollup Elevation Temporal: 6.4 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1704
4598285 Windows Monthly Base: 7.3 Server 2012 Rollup Elevation Temporal: 6.4 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
CVE-2021-1705 - Microsoft Edge (HTML-based) Memory Corruption Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE-2021- CVE Title: Microsoft Edge (HTML-based) Memory Corruption 1705 Vulnerability Remote Code Moderate MITRE Description: Execution NVD FAQ:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
None Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1705
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1705
Microsoft Edge (EdgeHTML- 4598245 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592446 Yes Windows 10 Update Vector: Execution Version 1803 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for 32-bit Systems
Microsoft Edge (EdgeHTML- 4598245 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592446 Yes Windows 10 Update Vector: Execution Version 1803 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for x64-based Systems
Microsoft Remote Edge 4598245 Critical Code 4592446 Base: 4.2 Yes (EdgeHTML- Security Execution Temporal: 3.8 based) on
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1705
Windows 10 Update Vector: Version 1803 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for ARM64- based Systems
Microsoft Edge (EdgeHTML- 4598230 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592440 Unknown Windows 10 Update Vector: Execution Version 1809 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for 32-bit Systems
Microsoft Edge (EdgeHTML- 4598230 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592440 Unknown Windows 10 Update Vector: Execution Version 1809 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for x64-based Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1705
Microsoft Edge (EdgeHTML- 4598230 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592440 Unknown Windows 10 Update Vector: Execution Version 1809 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for ARM64- based Systems
Microsoft Edge 4598230 Base: 4.2 Remote (EdgeHTML- Security Temporal: 3.8 Moderate Code 4592440 Unknown based) on Update Vector: Execution Windows CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C Server 2019
Microsoft 4598229 Base: 4.2 Edge Remote Security Temporal: 3.8 (EdgeHTML- Critical Code 4592449 Unknown Update Vector: based) on Execution Windows 10 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C Version 1909
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1705 for 32-bit Systems
Microsoft Edge (EdgeHTML- 4598229 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592449 Unknown Windows 10 Update Vector: Execution Version 1909 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for x64-based Systems
Microsoft Edge (EdgeHTML- 4598229 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592449 Unknown Windows 10 Update Vector: Execution Version 1909 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for ARM64- based Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1705
Microsoft Edge (EdgeHTML- 4598242 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592438 Unknown Windows 10 Update Vector: Execution Version 2004 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for 32-bit Systems
Microsoft Edge (EdgeHTML- 4598242 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592438 Unknown Windows 10 Update Vector: Execution Version 2004 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for ARM64- based Systems
Microsoft Remote Edge 4598242 Critical Code 4592438 Base: 4.2 Unknown (EdgeHTML- Security Execution Temporal: 3.8 based) on
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1705
Windows 10 Update Vector: Version 2004 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for x64-based Systems
Microsoft Edge (EdgeHTML- 4598242 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592438 Unknown Windows 10 Update Vector: Execution Version 20H2 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for x64-based Systems
Microsoft Edge (EdgeHTML- 4598242 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592438 Unknown Windows 10 Update Vector: Execution Version 20H2 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for 32-bit Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1705
Microsoft Edge (EdgeHTML- 4598242 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4592438 Unknown Windows 10 Update Vector: Execution Version 20H2 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for ARM64- based Systems
Microsoft Edge 4598231 Base: 4.2 (EdgeHTML- Remote Security Temporal: 3.8 based) on Critical Code 4592464 Yes Update Vector: Windows 10 Execution CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for 32-bit Systems
Microsoft 4598231 Base: 4.2 Remote Edge Security Temporal: 3.8 Critical Code 4592464 Yes (EdgeHTML- Update Vector: Execution based) on CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C Windows 10
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1705 for x64-based Systems
Microsoft Edge (EdgeHTML- 4598243 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4593226 Unknown Windows 10 Update Vector: Execution Version 1607 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for 32-bit Systems
Microsoft Edge (EdgeHTML- 4598243 Base: 4.2 Remote based) on Security Temporal: 3.8 Critical Code 4593226 Unknown Windows 10 Update Vector: Execution Version 1607 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C for x64-based Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1705
Microsoft Edge 4598243 Base: 4.2 Remote (EdgeHTML- Security Temporal: 3.8 Moderate Code 4593226 Unknown based) on Update Vector: Execution Windows CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C Server 2016
CVE-2021-1706 - Windows LUAFV Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows LUAFV Elevation of Privilege Vulnerability Description:
CVE-2021-1706 FAQ: MITRE None Important Elevation of Privilege NVD Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1706
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598245 Base: 7.3 Elevation Version 1803 Security Temporal: 6.4 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
Windows 10 4598245 Base: 7.3 Elevation Version 1803 Security Temporal: 6.4 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.3 Version 1803 Elevation Security Temporal: 6.4 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.3 Elevation Version 1809 Security Temporal: 6.4 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.3 Elevation Version 1809 Security Temporal: 6.4 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
Windows 10 4598230 Base: 7.3 Version 1809 Elevation Security Temporal: 6.4 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.3 Elevation Windows Security Temporal: 6.4 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.3 Elevation Server 2019 Security Temporal: 6.4 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.3 Elevation Version 1909 Security Temporal: 6.4 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
Windows 10 4598229 Base: 7.3 Elevation Version 1909 Security Temporal: 6.4 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.3 Version 1909 Elevation Security Temporal: 6.4 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.3 Server, Elevation Security Temporal: 6.4 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.3 Elevation Version 2004 Security Temporal: 6.4 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
Windows 10 4598242 Base: 7.3 Version 2004 Elevation Security Temporal: 6.4 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.3 Elevation Version 2004 Security Temporal: 6.4 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598242 Base: 7.3 Server, Elevation Security Temporal: 6.4 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7.3 Elevation Version 20H2 Security Temporal: 6.4 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
Windows 10 4598242 Base: 7.3 Elevation Version 20H2 Security Temporal: 6.4 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7.3 Version 20H2 Elevation Security Temporal: 6.4 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 7.3 Server, Elevation Security Temporal: 6.4 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
4598231 Base: 7.3 Windows 10 Elevation Security Temporal: 6.4 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
4598231 Base: 7.3 Windows 10 Elevation Security Temporal: 6.4 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.3 Elevation Version 1607 Security Temporal: 6.4 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.3 Elevation Version 1607 Security Temporal: 6.4 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.3 Elevation Windows Security Temporal: 6.4 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
Windows 4598243 Base: 7.3 Elevation Server 2016 Security Temporal: 6.4 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598279 Windows 7 Monthly Base: 7.3 for 32-bit Rollup Elevation Temporal: 6.4 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598279 Windows 7 Monthly Base: 7.3 for x64-based Rollup Elevation Temporal: 6.4 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
4598285 Monthly Base: 7.3 Windows 8.1 Rollup Elevation Temporal: 6.4 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.3 Windows 8.1 Rollup Elevation Temporal: 6.4 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.3 Elevation Windows RT Monthly Temporal: 6.4 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
4598288 Windows Monthly Server 2008 Base: 7.3 Rollup Elevation for 32-bit Temporal: 6.4 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7.3 Rollup Elevation Systems Temporal: 6.4 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Base: 7.3 Monthly Elevation Server 2008 Temporal: 6.4 Rollup Important of 4592498 Unknown for x64-based Vector: 4598287 Privilege Systems CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
Service Pack Only 2
Windows 4598288 Server 2008 Monthly for x64-based Base: 7.3 Rollup Elevation Systems Temporal: 6.4 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7.3 R2 for x64- Rollup Elevation Temporal: 6.4 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7.3 based Rollup Elevation Temporal: 6.4 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
4598278 Monthly Base: 7.3 Rollup Elevation Windows Temporal: 6.4 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Elevation Windows Monthly Important of 4592468 Base: 7.3 Unknown Server 2012 Rollup Privilege Temporal: 6.4 4598297
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1706
(Server Core Security Vector: installation) Only CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.3 Windows Rollup Elevation Temporal: 6.4 Server 2012 4598275 Important of 4592484 Unknown Vector: R2 Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 7.3 Server 2012 Rollup Elevation Temporal: 6.4 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1707 - Microsoft SharePoint Server Remote Code Execution Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability Description:
FAQ:
What is the attack vector for this vulnerability?
CVE-2021- In a network-based attack an attacker can gain access to create a site and could execute 1707 Remote Code code remotely within the kernel. The user would need to have privileges. Important MITRE Execution NVD Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1707
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Microsoft 4493163 Base: 8.8 Remote SharePoint Security Temporal: 7.7 Important Code 4486753 Maybe Enterprise Update Vector: Execution Server 2016 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1707
4493162 Base: 8.8 Microsoft Remote Security Temporal: 7.7 SharePoint Important Code 4486751 Maybe Update Vector: Server 2019 Execution CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft SharePoint 4493187 Base: 8.8 Remote Foundation Security Temporal: 7.7 Important Code 4493149 Maybe 2010 Update Vector: Execution Service CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 2
Microsoft SharePoint 4493175 Base: 8.8 Remote Foundation Security Temporal: 7.7 Important Code 4493138 Maybe 2013 Update Vector: Execution Service CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708 - Windows GDI+ Information Disclosure Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Windows GDI+ Information Disclosure Vulnerability Description:
FAQ:
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this CVE- vulnerability is memory layout - the vulnerability allows an attacker to collect information that 2021-1708 facilitates predicting addressing of the memory. Information Important MITRE Disclosure
NVD Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1708
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 Version 4598242 Base: 5.7 2004 for Security Information Temporal: 5 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Windows 4598242 Base: 5.7 10 Version Security Information Temporal: 5 Important 4592438 Unknown 2004 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows Server, 4598242 Base: 5.7 version Security Information Temporal: 5 2004 Important 4592438 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
Windows 4598242 Base: 5.7 10 Version Security Information Temporal: 5 2004 for Important 4592438 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Information Windows 4598242 Important 4592438 Base: 5.7 Unknown 10 Version Security Disclosure Temporal: 5
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
20H2 for Update Vector: x64-based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.7 10 Version Security Information Temporal: 5 20H2 for Important 4592438 Unknown Update Disclosure Vector: 32-bit CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598242 Base: 5.7 20H2 for Security Information Temporal: 5 Important 4592438 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 4598242 Base: 5.7 Server, Security Information Temporal: 5 Important 4592438 Unknown version Update Disclosure Vector: 20H2 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C (Server
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Core Installation)
Windows 4598245 Base: 5.7 10 Version Security Information Temporal: 5 Important 4592446 Yes 1803 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598245 Base: 5.7 10 Version Security Information Temporal: 5 1803 for Important 4592446 Yes Update Disclosure Vector: x64-based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598245 Base: 5.7 1803 for Security Information Temporal: 5 Important 4592446 Yes ARM64- Update Disclosure Vector: based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Windows 4598230 Base: 5.7 10 Version Security Information Temporal: 5 Important 4592440 Unknown 1809 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.7 10 Version Security Information Temporal: 5 1809 for Important 4592440 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows 10 Version 4598230 Base: 5.7 1809 for Security Information Temporal: 5 Important 4592440 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Information 4598230 Important 4592440 Base: 5.7 Unknown Server 2019 Security Disclosure Temporal: 5
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Update Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598230 Base: 5.7 Server 2019 Security Information Temporal: 5 (Server Important 4592440 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
Windows 4598229 Base: 5.7 10 Version Security Information Temporal: 5 Important 4592449 Unknown 1909 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598229 Base: 5.7 10 Version Security Information Temporal: 5 1909 for Important 4592449 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Windows 10 Version 4598229 Base: 5.7 1909 for Security Information Temporal: 5 Important 4592449 Unknown ARM64- Update Disclosure Vector: based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
Windows Server, 4598229 Base: 5.7 version Security Information Temporal: 5 1909 Important 4592449 Unknown Update Disclosure Vector: (Server CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Core installation)
4598231 Base: 5.7 Windows Security Information Temporal: 5 10 for 32-bit Important 4592464 Yes Update Disclosure Vector: Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Windows 4598231 Base: 5.7 10 for x64- Security Information Temporal: 5 Important 4592464 Yes based Update Disclosure Vector: Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5.7 10 Version Security Information Temporal: 5 Important 4593226 Unknown 1607 for 32- Update Disclosure Vector: bit Systems CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows 4598243 Base: 5.7 10 Version Security Information Temporal: 5 1607 for Important 4593226 Unknown Update Disclosure Vector: x64-based CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Systems
4598243 Base: 5.7 Windows Security Information Temporal: 5 Important 4593226 Unknown Server 2016 Update Disclosure Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Windows 4598243 Base: 5.7 Server 2016 Security Information Temporal: 5 (Server Important 4593226 Unknown Update Disclosure Vector: Core CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation)
4598279 Windows 7 Monthly Base: 5.7 for 32-bit Rollup Information Temporal: 5 Systems 4598289 Important 4592471 Unknown Disclosure Vector: Service Security CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Pack 1 Only
4598279 Windows 7 Monthly for x64- Base: 5.7 Rollup based Information Temporal: 5 4598289 Important 4592471 Unknown Systems Disclosure Vector: Security Service CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
4598285 Monthly Base: 5.7 Windows Rollup Information Temporal: 5 8.1 for 32- 4598275 Important 4592484 Unknown Disclosure Vector: bit systems Security CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Monthly Windows Base: 5.7 Rollup 8.1 for x64- Information Temporal: 5 4598275 Important 4592484 Unknown based Disclosure Vector: Security systems CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Base: 5.7 Windows Monthly Information Temporal: 5 Important 4592484 Unknown RT 8.1 Rollup Disclosure Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
4598288 Windows Monthly Server 2008 Base: 5.7 Rollup for 32-bit Information Temporal: 5 4598287 Important 4592498 Unknown Systems Disclosure Vector: Security Service CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only Pack 2
Windows Server 2008 4598288 for 32-bit Monthly Base: 5.7 Systems Rollup Information Temporal: 5 Service 4598287 Important 4592498 Unknown Disclosure Vector: Pack 2 Security CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C (Server Only Core installation)
Windows 4598288 Information Server 2008 Monthly Important 4592498 Base: 5.7 Unknown for x64- Rollup Disclosure Temporal: 5 based 4598287
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Systems Security Vector: Service Only CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Pack 2
Windows Server 2008 4598288 for x64- Monthly based Base: 5.7 Rollup Systems Information Temporal: 5 4598287 Important 4592498 Unknown Service Disclosure Vector: Security Pack 2 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only (Server
Core installation)
Windows 4598279 Server 2008 Monthly Base: 5.7 R2 for x64- Rollup Information Temporal: 5 based 4598289 Important 4592471 Unknown Disclosure Vector: Systems Security CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Service Only Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Windows Server 2008 4598279 R2 for x64- Monthly based Base: 5.7 Rollup Systems Information Temporal: 5 4598289 Important 4592471 Unknown Service Disclosure Vector: Security Pack 1 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only (Server
Core installation)
4598278 Monthly Base: 5.7 Rollup Windows Information Temporal: 5 4598297 Important 4592468 Unknown Server 2012 Disclosure Vector: Security CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
Windows 4598278 Information Base: 5.7 Server 2012 Monthly Important 4592468 Unknown Disclosure Temporal: 5 (Server Rollup
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1708
Core 4598297 Vector: installation) Security CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Monthly Base: 5.7 Windows Rollup Information Temporal: 5 Server 2012 4598275 Important 4592484 Unknown Disclosure Vector: R2 Security CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Only
4598285 Windows Monthly Base: 5.7 Server 2012 Rollup Information Temporal: 5 R2 (Server 4598275 Important 4592484 Unknown Disclosure Vector: Core Security CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709 - Windows Win32k Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Windows Win32k Elevation of Privilege Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1709 None MITRE Important Elevation of Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7 Version Elevation Security Temporal: 6.1 20H2 for Important of 4592438 Unknown Update Vector: x64-based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7 Elevation Version Security Temporal: 6.1 Important of 4592438 Unknown 20H2 for 32- Update Vector: Privilege bit Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7 Elevation 20H2 for Security Temporal: 6.1 Important of 4592438 Unknown ARM64- Update Vector: Privilege based CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
Windows 4598242 Base: 7 Server, Elevation Security Temporal: 6.1 version 20H2 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7 Elevation Version 1803 Security Temporal: 6.1 Important of 4592446 Yes for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7 Elevation Version 1803 Security Temporal: 6.1 Important of 4592446 Yes for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7 Version 1803 Elevation Security Temporal: 6.1 for ARM64- Important of 4592446 Yes Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
Windows 10 4598230 Base: 7 Elevation Version 1809 Security Temporal: 6.1 Important of 4592440 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7 Elevation Version 1809 Security Temporal: 6.1 Important of 4592440 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7 Version 1809 Elevation Security Temporal: 6.1 for ARM64- Important of 4592440 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7 Elevation Windows Security Temporal: 6.1 Important of 4592440 Unknown Server 2019 Update Vector: Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
Windows 4598230 Base: 7 Elevation Server 2019 Security Temporal: 6.1 Important of 4592440 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7 Elevation Version 1909 Security Temporal: 6.1 Important of 4592449 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7 Elevation Version 1909 Security Temporal: 6.1 Important of 4592449 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7 Version 1909 Elevation Security Temporal: 6.1 for ARM64- Important of 4592449 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
Windows 4598229 Base: 7 Server, Elevation Security Temporal: 6.1 version 1909 Important of 4592449 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
Windows 10 4598242 Base: 7 Elevation Version 2004 Security Temporal: 6.1 Important of 4592438 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598242 Base: 7 Version 2004 Elevation Security Temporal: 6.1 for ARM64- Important of 4592438 Unknown Update Vector: based Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7 Elevation Version 2004 Security Temporal: 6.1 Important of 4592438 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
Windows 4598242 Base: 7 Server, Elevation Security Temporal: 6.1 version 2004 Important of 4592438 Unknown Update Vector: (Server Core Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
4598231 Base: 7 Windows 10 Elevation Security Temporal: 6.1 for 32-bit Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7 Windows 10 Elevation Security Temporal: 6.1 for x64-based Important of 4592464 Yes Update Vector: Systems Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7 Elevation Version 1607 Security Temporal: 6.1 Important of 4593226 Unknown for 32-bit Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
Windows 10 4598243 Base: 7 Elevation Version 1607 Security Temporal: 6.1 Important of 4593226 Unknown for x64-based Update Vector: Privilege Systems CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7 Elevation Windows Security Temporal: 6.1 Important of 4593226 Unknown Server 2016 Update Vector: Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7 Elevation Server 2016 Security Temporal: 6.1 Important of 4593226 Unknown (Server Core Update Vector: Privilege installation) CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 7 4598279 Base: 7 for 32-bit Elevation Monthly Temporal: 6.1 Systems Important of 4592471 Unknown Rollup Vector: Service Pack Privilege 4598289 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
Only
4598279 Windows 7 Monthly Base: 7 for x64-based Rollup Elevation Temporal: 6.1 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 Only
4598285 Monthly Base: 7 Windows 8.1 Rollup Elevation Temporal: 6.1 for 32-bit 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
4598285 Monthly Base: 7 Windows 8.1 Rollup Elevation Temporal: 6.1 for x64-based 4598275 Important of 4592484 Unknown Vector: systems Security Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7 Elevation Windows RT Monthly Temporal: 6.1 Important of 4592484 Unknown 8.1 Rollup Vector: Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598288 Windows Monthly Server 2008 Base: 7 Rollup Elevation for 32-bit Temporal: 6.1 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
Windows 4598288 Server 2008 Monthly for 32-bit Base: 7 Rollup Elevation Systems Temporal: 6.1 4598287 Important of 4592498 Unknown Service Pack Vector: Security Privilege 2 (Server CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only Core installation)
4598288 Windows Monthly Server 2008 Base: 7 Rollup Elevation for x64-based Temporal: 6.1 4598287 Important of 4592498 Unknown Systems Vector: Security Privilege Service Pack CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only 2
Windows 4598288 Base: 7 Elevation Server 2008 Monthly Temporal: 6.1 Important of 4592498 Unknown for x64-based Rollup Vector: Privilege Systems 4598287 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
2 (Server Only Core installation)
Windows 4598279 Server 2008 Monthly Base: 7 R2 for x64- Rollup Elevation Temporal: 6.1 based 4598289 Important of 4592471 Unknown Vector: Systems Security Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack Only 1
Windows Server 2008 4598279 R2 for x64- Monthly Base: 7 based Rollup Elevation Temporal: 6.1 Systems 4598289 Important of 4592471 Unknown Vector: Service Pack Security Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1 (Server Only Core installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
4598278 Monthly Base: 7 Rollup Elevation Windows Temporal: 6.1 4598297 Important of 4592468 Unknown Server 2012 Vector: Security Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598278 Monthly Windows Base: 7 Rollup Elevation Server 2012 Temporal: 6.1 4598297 Important of 4592468 Unknown (Server Core Vector: Security Privilege installation) CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7 Windows Elevation Monthly Temporal: 6.1 Server 2012 Important of 4592484 Unknown Rollup Vector: R2 Privilege 4598275 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1709
Only
4598285 Windows Monthly Base: 7 Server 2012 Rollup Elevation Temporal: 6.1 R2 (Server 4598275 Important of 4592484 Unknown Vector: Core Security Privilege CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710 - Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Maximum Severity CVE ID Vulnerability Description Vulnerability Impact Rating
CVE Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability Description:
FAQ: None CVE-2021- Mitigations: 1710 Remote Code None Important MITRE Execution Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1710
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Windows 10 4598242 Base: 7.8 Version Remote Security Temporal: 6.8 20H2 for Important Code 4592438 Unknown Update Vector: x64-based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Remote Version Security Temporal: 6.8 Important Code 4592438 Unknown 20H2 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Remote 4598242 Base: 7.8 Version Important Code 4592438 Unknown Security Temporal: 6.8 20H2 for Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows Server, 4598242 Base: 7.8 Remote version Security Temporal: 6.8 Important Code 4592438 Unknown 20H2 Update Vector: Execution (Server Core CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Installation)
Windows 10 4598245 Base: 7.8 Remote Version Security Temporal: 6.8 Important Code 4592446 Yes 1803 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598245 Base: 7.8 Version Remote Security Temporal: 6.8 1803 for Important Code 4592446 Yes Update Vector: x64-based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710
Windows 10 Version 4598245 Base: 7.8 Remote 1803 for Security Temporal: 6.8 Important Code 4592446 Yes ARM64- Update Vector: Execution based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598230 Base: 7.8 Remote Version Security Temporal: 6.8 Important Code 4592440 Unknown 1809 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598230 Base: 7.8 Version Remote Security Temporal: 6.8 1809 for Important Code 4592440 Unknown Update Vector: x64-based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Remote 4598230 Base: 7.8 Version Important Code 4592440 Unknown Security Temporal: 6.8 1809 for Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710
ARM64- Update Vector: based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
4598230 Base: 7.8 Remote Windows Security Temporal: 6.8 Important Code 4592440 Unknown Server 2019 Update Vector: Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598230 Base: 7.8 Remote Server 2019 Security Temporal: 6.8 Important Code 4592440 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598229 Base: 7.8 Remote Version Security Temporal: 6.8 Important Code 4592449 Unknown 1909 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710
Windows 10 4598229 Base: 7.8 Version Remote Security Temporal: 6.8 1909 for Important Code 4592449 Unknown Update Vector: x64-based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 Version 4598229 Base: 7.8 Remote 1909 for Security Temporal: 6.8 Important Code 4592449 Unknown ARM64- Update Vector: Execution based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 4598229 Base: 7.8 Server, Remote Security Temporal: 6.8 version 1909 Important Code 4592449 Unknown Update Vector: (Server Core Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710
Windows 10 4598242 Base: 7.8 Remote Version Security Temporal: 6.8 Important Code 4592438 Unknown 2004 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Version 4598242 Base: 7.8 Remote 2004 for Security Temporal: 6.8 Important Code 4592438 Unknown ARM64- Update Vector: Execution based CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows 10 4598242 Base: 7.8 Version Remote Security Temporal: 6.8 2004 for Important Code 4592438 Unknown Update Vector: x64-based Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Windows Remote 4598242 Base: 7.8 Server, Important Code 4592438 Unknown Security Temporal: 6.8 version 2004 Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710
(Server Core Update Vector: installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598231 Base: 7.8 Windows 10 Remote Security Temporal: 6.8 for 32-bit Important Code 4592464 Yes Update Vector: Systems Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598231 Base: 7.8 Remote for x64- Security Temporal: 6.8 Important Code 4592464 Yes based Update Vector: Execution Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 4598243 Base: 7.8 Remote Version Security Temporal: 6.8 Important Code 4593226 Unknown 1607 for 32- Update Vector: Execution bit Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 10 Remote 4598243 Base: 7.8 Version Important Code 4593226 Unknown Security Temporal: 6.8 1607 for Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710 x64-based Update Vector: Systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598243 Base: 7.8 Remote Windows Security Temporal: 6.8 Important Code 4593226 Unknown Server 2016 Update Vector: Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows 4598243 Base: 7.8 Remote Server 2016 Security Temporal: 6.8 Important Code 4593226 Unknown (Server Core Update Vector: Execution installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598285 Monthly Base: 7.8 Windows 8.1 Rollup Remote Temporal: 6.8 for 32-bit 4598275 Important Code 4592484 Unknown Vector: systems Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710
4598285 Monthly Windows 8.1 Base: 7.8 Rollup Remote for x64- Temporal: 6.8 4598275 Important Code 4592484 Unknown based Vector: Security Execution systems CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Base: 7.8 Remote Windows RT Monthly Temporal: 6.8 Important Code 4592484 Unknown 8.1 Rollup Vector: Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4598278 Monthly Base: 7.8 Rollup Remote Windows Temporal: 6.8 4598297 Important Code 4592468 Unknown Server 2012 Vector: Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710
4598278 Monthly Windows Base: 7.8 Rollup Remote Server 2012 Temporal: 6.8 4598297 Important Code 4592468 Unknown (Server Core Vector: Security Execution installation) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
4598285 Monthly Base: 7.8 Windows Rollup Remote Temporal: 6.8 Server 2012 4598275 Important Code 4592484 Unknown Vector: R2 Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Only
Windows 4598285 Base: 7.8 Server 2012 Remote Monthly Temporal: 6.8 R2 (Server Important Code 4592484 Unknown Rollup Vector: Core Execution 4598275 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C installation) Security
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1710
Only
CVE-2021-1711 - Microsoft Office Remote Code Execution Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Microsoft Office Remote Code Execution Vulnerability Description:
FAQ:
CVE-2021-1711 Is the Preview Pane an attack vector for this vulnerability? MITRE Important Remote Code Execution No, the Preview Pane is not an attack vector. NVD
Mitigations: None Workarounds: None
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1711
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code No for 32-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1711
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code No for 64-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Click to 365 Apps Base: 7.8 Run Remote for Temporal: 6.8 Security Important Code No Enterprise Vector: Update Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Systems
Microsoft Click to 365 Apps Base: 7.8 Run Remote for Temporal: 6.8 Security Important Code No Enterprise Vector: Update Execution for 64-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Systems
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1711
Microsoft 4486755 Base: 7.8 Remote Office 2016 Security Temporal: 6.8 Important Code 4484508 Maybe (32-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4486755 Base: 7.8 Remote Office 2016 Security Temporal: 6.8 Important Code 4484508 Maybe (64-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493143 Base: 7.8 Office 2010 Remote Security Temporal: 6.8 Service Important Code 4484534 Maybe Update Vector: Pack 2 (32- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4493143 Base: 7.8 Office 2010 Remote Security Temporal: 6.8 Service Important Code 4484534 Maybe Update Vector: Pack 2 (64- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1711
Microsoft 4486762 Base: 7.8 Remote Office 2013 Security Temporal: 6.8 Important Code 4484520 Maybe RT Service Update Vector: Execution Pack 1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4486762 Base: 7.8 Office 2013 Remote Security Temporal: 6.8 Service Important Code 4484520 Maybe Update Vector: Pack 1 (32- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4486762 Base: 7.8 Office 2013 Remote Security Temporal: 6.8 Service Important Code 4484520 Maybe Update Vector: Pack 1 (64- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1712 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Microsoft SharePoint Elevation of Privilege Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1712 None MITRE Important Elevation of Privilege Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1712
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Microsoft 4493163 Base: 8 Elevation SharePoint Security Temporal: 7 Important of 4486753 Maybe Enterprise Update Vector: Privilege Server 2016 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4493162 Base: 8 Microsoft Elevation Security Temporal: 7 SharePoint Important of 4486751 Maybe Update Vector: Server 2019 Privilege CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493175 Base: 8 SharePoint Elevation Security Temporal: 7 Foundation Important of 4493138 Maybe Update Vector: 2013 Service Privilege CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1713 - Microsoft Excel Remote Code Execution Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Microsoft Excel Remote Code Execution Vulnerability Description:
FAQ:
Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.
CVE-2021-1713 MITRE Mitigations: Important Remote Code Execution NVD None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1713
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code No for 32-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code No for 64-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1713
Release Base: 7.8 Microsoft Notes Remote Temporal: 6.8 Office 2019 Security Important Code No Vector: for Mac Update Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493160 Base: 7.8 Remote Office Security Temporal: 6.8 Important Code 4486750 Maybe Online Update Vector: Execution Server CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Click to 365 Apps Base: 7.8 Run Remote for Temporal: 6.8 Security Important Code 4486750 No Enterprise Vector: Update Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Systems
Microsoft Click to Remote Base: 7.8 365 Apps Run Important Code 4486750 No Temporal: 6.8 for Security Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1713
Enterprise Update Vector: for 64-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Microsoft 4493165 Base: 7.8 Remote Excel 2016 Security Temporal: 6.8 Important Code 4486754 Maybe (32-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493165 Base: 7.8 Remote Excel 2016 Security Temporal: 6.8 Important Code 4486754 Maybe (64-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493186 Base: 7.8 Excel 2010 Remote Security Temporal: 6.8 Service Important Code 4493148 Maybe Update Vector: Pack 2 (32- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1713
Microsoft 4493186 Base: 7.8 Excel 2010 Remote Security Temporal: 6.8 Service Important Code 4493148 Maybe Update Vector: Pack 2 (64- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4493176 Base: 7.8 Remote Excel 2013 Security Temporal: 6.8 Important Code 4493139 Maybe RT Service Update Vector: Execution Pack 1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493176 Base: 7.8 Excel 2013 Remote Security Temporal: 6.8 Service Important Code 4493139 Maybe Update Vector: Pack 1 (32- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
4493176 Base: 7.8 Remote Microsoft Security Temporal: 6.8 Important Code 4493139 Maybe Excel 2013 Update Vector: Execution Service CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1713
Pack 1 (64- bit editions)
Microsoft Office Web 4493171 Base: 7.8 Remote Apps Security Temporal: 6.8 Important Code 4486760 Maybe Server 2013 Update Vector: Execution Service CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 1
CVE-2021-1714 - Microsoft Excel Remote Code Execution Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Microsoft Excel Remote Code Execution Vulnerability CVE-2021-1714 Description: MITRE Important Remote Code Execution NVD FAQ: Is the Preview Pane an attack vector for this vulnerability?
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
No, the Preview Pane is not an attack vector.
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1714
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1714
Microsoft SharePoint 4486724 Base: 7.8 Remote Enterprise Security Temporal: 6.8 Important Code 4486687 Maybe Server 2013 Update Vector: Execution Service Pack CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 1
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code 4486687 No for 32-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code 4486687 No for 64-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1714
Release Base: 7.8 Microsoft Notes Remote Temporal: 6.8 Office 2019 Security Important Code 4486687 No Vector: for Mac Update Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493160 Base: 7.8 Remote Office Security Temporal: 6.8 Important Code 4486750 Maybe Online Update Vector: Execution Server CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Click to 365 Apps Base: 7.8 Run Remote for Temporal: 6.8 Security Important Code 4486750 No Enterprise Vector: Update Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Systems
Microsoft Click to Remote Base: 7.8 365 Apps Run Important Code 4486750 No Temporal: 6.8 for Security Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1714
Enterprise Update Vector: for 64-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Microsoft 4493165 Base: 7.8 Remote Excel 2016 Security Temporal: 6.8 Important Code 4486754 Maybe (32-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493165 Base: 7.8 Remote Excel 2016 Security Temporal: 6.8 Important Code 4486754 Maybe (64-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493168 Base: 7.8 Remote Office 2016 Security Temporal: 6.8 Important Code 4486757 Maybe (32-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1714
Microsoft 4493168 Base: 7.8 Remote Office 2016 Security Temporal: 6.8 Important Code 4486757 Maybe (64-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493186 Base: 7.8 Excel 2010 Remote Security Temporal: 6.8 Service Pack Important Code 4493148 Maybe Update Vector: 2 (32-bit Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C editions)
Microsoft 4493186 Base: 7.8 Excel 2010 Remote Security Temporal: 6.8 Service Pack Important Code 4493148 Maybe Update Vector: 2 (64-bit Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C editions)
Microsoft 4493176 Base: 7.8 Remote Excel 2013 Security Temporal: 6.8 Important Code 4493139 Maybe RT Service Update Vector: Execution Pack 1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1714
Microsoft 4493176 Base: 7.8 Excel 2013 Remote Security Temporal: 6.8 Service Pack Important Code 4493139 Maybe Update Vector: 1 (32-bit Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C editions)
Microsoft 4493176 Base: 7.8 Excel 2013 Remote Security Temporal: 6.8 Service Pack Important Code 4493139 Maybe Update Vector: 1 (64-bit Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C editions)
Microsoft 4493181 Base: 7.8 Office 2010 Remote Security Temporal: 6.8 Service Pack Important Code 4493140 Maybe Update Vector: 2 (32-bit Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C editions)
Microsoft Remote 4493181 Base: 7.8 Office 2010 Important Code 4493140 Maybe Security Temporal: 6.8 Service Pack Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1714
2 (64-bit Update Vector: editions) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4486759 Base: 7.8 Remote Office 2013 Security Temporal: 6.8 Important Code 4486725 Maybe RT Service Update Vector: Execution Pack 1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4486759 Base: 7.8 Office 2013 Remote Security Temporal: 6.8 Service Pack Important Code 4486725 Maybe Update Vector: 1 (32-bit Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C editions)
Microsoft 4486759 Base: 7.8 Office 2013 Remote Security Temporal: 6.8 Service Pack Important Code 4486725 Maybe Update Vector: 1 (64-bit Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C editions)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1714
Microsoft 4493171 Base: 7.8 Office Web Remote Security Temporal: 6.8 Apps Server Important Code 4486760 Maybe Update Vector: 2013 Service Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 1
Excel Services on Microsoft 4486736 Base: 7.8 Remote SharePoint Security Temporal: 6.8 Important Code 4484531 Maybe Enterprise Update Vector: Execution Server 2013 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Service Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1715 - Microsoft Word Remote Code Execution Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Microsoft Word Remote Code Execution Vulnerability Description:
FAQ:
Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.
CVE-2021-1715 MITRE Mitigations: Important Remote Code Execution NVD None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1715
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
4493163 Security Microsoft Base: 7.8 Update Remote SharePoint Temporal: 6.8 4493167 Important Code 4486721 Maybe Enterprise Vector: Security Execution Server 2016 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Update
Microsoft SharePoint 4486683 Base: 7.8 Remote Enterprise Security Temporal: 6.8 Important Code 4484514 Maybe Server 2013 Update Vector: Execution Service CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1715
4493162 Security Base: 7.8 Microsoft Update Remote Temporal: 6.8 SharePoint 4493161 Important Code 4486752 Maybe Vector: Server 2019 Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Update
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code 4486752 No for 32-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code 4486752 No for 64-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1715
Release Base: 7.8 Microsoft Notes Remote Temporal: 6.8 Office 2019 Security Important Code 4486752 No Vector: for Mac Update Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493160 Base: 7.8 Remote Office Security Temporal: 6.8 Important Code 4486750 Maybe Online Update Vector: Execution Server CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Click to 365 Apps Base: 7.8 Run Remote for Temporal: 6.8 Security Important Code 4486750 No Enterprise Vector: Update Execution for 32-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Systems
Microsoft Click to Remote Base: 7.8 365 Apps Run Important Code 4486750 No Temporal: 6.8 for Security Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1715
Enterprise Update Vector: for 64-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Systems
Microsoft 4493156 Base: 7.8 Remote Word 2016 Security Temporal: 6.8 Important Code 4486719 Maybe (32-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493156 Base: 7.8 Remote Word 2016 Security Temporal: 6.8 Important Code 4486719 Maybe (64-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493142 Base: 7.8 Office 2010 Remote Security Temporal: 6.8 Service Important Code 4486738 Maybe Update Vector: Pack 2 (32- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1715
Microsoft 4493142 Base: 7.8 Office 2010 Remote Security Temporal: 6.8 Service Important Code 4486738 Maybe Update Vector: Pack 2 (64- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4493183 Base: 7.8 Office Web Remote Security Temporal: 6.8 Apps 2010 Important Code 4486704 Maybe Update Vector: Service Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 2
Microsoft 4493178 Base: 7.8 SharePoint Remote Security Temporal: 6.8 Server 2010 Important Code 4486697 Maybe Update Vector: Service Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 2
Microsoft Remote 4493145 Base: 7.8 Word 2010 Important Code 4486740 Maybe Security Temporal: 6.8 Service Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1715
Pack 2 (32- Update Vector: bit editions) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493145 Base: 7.8 Word 2010 Remote Security Temporal: 6.8 Service Important Code 4486740 Maybe Update Vector: Pack 2 (64- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4486764 Base: 7.8 Remote Word 2013 Security Temporal: 6.8 Important Code 4486730 Maybe RT Service Update Vector: Execution Pack 1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4486764 Base: 7.8 Word 2013 Remote Security Temporal: 6.8 Service Important Code 4486730 Maybe Update Vector: Pack 1 (32- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1715
Microsoft 4486764 Base: 7.8 Word 2013 Remote Security Temporal: 6.8 Service Important Code 4486730 Maybe Update Vector: Pack 1 (64- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft Office Web 4493171 Base: 7.8 Remote Apps Server Security Temporal: 6.8 Important Code 4486760 Maybe 2013 Update Vector: Execution Service CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1716 - Microsoft Word Remote Code Execution Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Microsoft Word Remote Code Execution Vulnerability Description:
FAQ:
Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.
CVE-2021-1716 MITRE Mitigations: Important Remote Code Execution NVD None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
@NSFOCUS 2021 http://www.nsfocus.com
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1716
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Microsoft Office Web 4493171 Base: 7.8 Remote Apps Server Security Temporal: 6.8 Important Code 4486760 Maybe 2013 Update Vector: Execution Service CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 1
4493163 Security Microsoft Base: 7.8 Update Remote SharePoint Temporal: 6.8 4493167 Important Code 4486721 Maybe Enterprise Vector: Security Execution Server 2016 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Update
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1716
Microsoft SharePoint 4486683 Base: 7.8 Remote Enterprise Security Temporal: 6.8 Important Code 4484514 Maybe Server 2013 Update Vector: Execution Service CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 1
4493162 Security Base: 7.8 Microsoft Update Remote Temporal: 6.8 SharePoint 4493161 Important Code 4486752 Maybe Vector: Server 2019 Security Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Update
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code 4486752 No for 32-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1716
Click to Microsoft Base: 7.8 Run Remote Office 2019 Temporal: 6.8 Security Important Code 4486752 No for 64-bit Vector: Update Execution editions CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Release Base: 7.8 Microsoft Notes Remote Temporal: 6.8 Office 2019 Security Important Code 4486752 No Vector: for Mac Update Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493160 Base: 7.8 Remote Office Security Temporal: 6.8 Important Code 4486750 Maybe Online Update Vector: Execution Server CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Base: 7.8 Click to Remote 365 Apps Temporal: 6.8 Run Important Code 4486750 No for Vector: Security Execution Enterprise CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1716 for 32-bit Update Systems
Microsoft Click to 365 Apps Base: 7.8 Run Remote for Temporal: 6.8 Security Important Code 4486750 No Enterprise Vector: Update Execution for 64-bit CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Systems
Microsoft 4493156 Base: 7.8 Remote Word 2016 Security Temporal: 6.8 Important Code 4486719 Maybe (32-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493156 Base: 7.8 Remote Word 2016 Security Temporal: 6.8 Important Code 4486719 Maybe (64-bit Update Vector: Execution edition) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1716
Microsoft 4493142 Base: 7.8 Office 2010 Remote Security Temporal: 6.8 Service Important Code 4486738 Maybe Update Vector: Pack 2 (32- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4493142 Base: 7.8 Office 2010 Remote Security Temporal: 6.8 Service Important Code 4486738 Maybe Update Vector: Pack 2 (64- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4493183 Base: 7.8 Office Web Remote Security Temporal: 6.8 Apps 2010 Important Code 4486704 Maybe Update Vector: Service Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 2
Microsoft Remote 4493178 Base: 7.8 SharePoint Important Code 4486697 Maybe Security Temporal: 6.8 Server 2010 Execution
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1716
Service Update Vector: Pack 2 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft 4493145 Base: 7.8 Word 2010 Remote Security Temporal: 6.8 Service Important Code 4486740 Maybe Update Vector: Pack 2 (32- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4493145 Base: 7.8 Word 2010 Remote Security Temporal: 6.8 Service Important Code 4486740 Maybe Update Vector: Pack 2 (64- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4486764 Base: 7.8 Remote Word 2013 Security Temporal: 6.8 Important Code 4486730 Maybe RT Service Update Vector: Execution Pack 1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1716
Microsoft 4486764 Base: 7.8 Word 2013 Remote Security Temporal: 6.8 Service Important Code 4486730 Maybe Update Vector: Pack 1 (32- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
Microsoft 4486764 Base: 7.8 Word 2013 Remote Security Temporal: 6.8 Service Important Code 4486730 Maybe Update Vector: Pack 1 (64- Execution CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C bit editions)
CVE-2021-1717 - Microsoft SharePoint Spoofing Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1717 CVE Title: Microsoft SharePoint Spoofing Vulnerability MITRE Description: Important Spoofing NVD FAQ:
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
None Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1717
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1717
Microsoft 4493163 Base: 4.6 SharePoint Security Temporal: 4 Important Spoofing 4486753 Maybe Enterprise Update Vector: Server 2016 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C
4493162 Base: 4.6 Microsoft Security Temporal: 4 SharePoint Important Spoofing 4486751 Maybe Update Vector: Server 2019 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C
Microsoft 4493175 Base: 4.6 SharePoint Security Temporal: 4 Foundation Important Spoofing 4493138 Maybe Update Vector: 2013 Service CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C Pack 1
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1718 - Microsoft SharePoint Server Tampering Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Microsoft SharePoint Server Tampering Vulnerability Description:
FAQ: None Mitigations: CVE-2021-1718 None MITRE Important Tampering Workarounds: NVD None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1718
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Microsoft SharePoint 4493187 Base: 8 Foundation Security Temporal: 7 Important Tampering 4493149 Maybe 2010 Update Vector: Service CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Pack 2
CVE-2021-1719 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE Title: Microsoft SharePoint Elevation of Privilege Vulnerability CVE-2021-1719 Description: MITRE Important Elevation of Privilege NVD FAQ: None Mitigations:
@NSFOCUS 2021 http://www.nsfocus.com
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2021-1719
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1719
Microsoft 4493163 Base: 8 Elevation SharePoint Security Temporal: 7 Important of 4486753 Maybe Enterprise Update Vector: Privilege Server 2016 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4493162 Base: 8 Microsoft Elevation Security Temporal: 7 SharePoint Important of 4486751 Maybe Update Vector: Server 2019 Privilege CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2021-1723 - ASP.NET Core and Visual Studio Denial of Service Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE- CVE Title: ASP.NET Core and Visual Studio Denial of Service Vulnerability Important Denial of Service 2021-1723 Description:
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
MITRE NVD FAQ: None Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
1.1 01/12/2021 08:00:00
Removed Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) and Microsoft Visual Studio 2019 version 16.0 from the Security Updates table because these versions are not affected by this vulnerability.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1723
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Release Base: 7.5 Notes Denial ASP.NET Temporal: 6.5 Security Important of Maybe Core 3.1 Vector: Update Service CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Release Base: 7.5 Notes Denial ASP.NET Temporal: 6.5 Security Important of Maybe Core 5.0 Vector: Update Service CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Microsoft Release Visual Studio Base: 7.5 Notes Denial 2019 version Temporal: 6.5 Security Important of Maybe 16.4 Vector: Update Service (includes CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
16.0 - 16.3)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1723
Release Microsoft Base: 7.5 Notes Denial Visual Studio Temporal: 6.5 Security Important of Maybe 2019 version Vector: Update Service 16.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Microsoft Visual Studio Release Base: 7.5 2019 version Notes Denial Temporal: 6.5 16.7 Security Important of Maybe Vector: (includes Update Service CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 16.0 – 16.6)
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1725 - Bot Framework SDK Information Disclosure Vulnerability
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
CVE Title: Bot Framework SDK Information Disclosure Vulnerability Description:
FAQ:
How do I know if I need to install the update?
CVE- Customers using Bot Framework SDK with versions shown in the Security Update Applies 2021-1725 To column in the following table affected by this vulnerability. Information Important MITRE Disclosure Unaffected Versions Security Update Unaffected Versions NVD SDK Prior To Applies To Greater Than
.NET 4.6.0 4.6.0 - 4.10.2 4.10.2 Framework
JavaScript 4.7.0 4.7.0 - 4.10.1 4.10.1
@NSFOCUS 2021 http://www.nsfocus.com
Maximum Vulnerability CVE ID Vulnerability Description Severity Rating Impact
Python 4.7.0 4.7.0 - 4.10.0 4.10.0
Mitigations: None Workarounds: None Revision: 1.0 01/12/2021 08:00:00
Information published.
Affected Software
The following tables list the affected software details for the vulnerability.
@NSFOCUS 2021 http://www.nsfocus.com
CVE-2021-1725
KB Restart Product Severity Impact Supersedence CVSS Score Set Article Required
Bot Advisory Base: 5.5 Framework Security Information Temporal: 4.8 SDK Important Maybe Update Disclosure Vector: for .NET CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Framework
Bot Advisory Base: 5.5 Framework Security Information Temporal: 4.8 Important Maybe SDK for Update Disclosure Vector: JavaScript CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Bot Advisory Base: 5.5 Framework Security Information Temporal: 4.8 Important Maybe SDK for Update Disclosure Vector: Python CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
@NSFOCUS 2021 http://www.nsfocus.com
Statement ======
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS. About NSFOCUS ======
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company's Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.
NSFOCUS works with Fortune Global 500 companies, including four of the world's five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).
A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.
@NSFOCUS 2021 http://www.nsfocus.com