1. Home
  2. Vulnerabilities
  3. CVE-2021-31956

CVE-2021-31956

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 9.3 (High)
93% Progress
EPSS 0.14 % (50th)
0.14% Progress
Affected Products 17
Advisories 2
NVD Status Analyzed
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Windows NTFS Elevation of Privilege Vulnerability

Weaknesses
CWE-191
Integer Underflow (Wrap or Wraparound)
CVE Status
PUBLISHED
NVD Status
Analyzed
CNA
Microsoft Corporation
Published Date
2021-06-08 23:15:08
(3 years ago)
Updated Date
2024-07-29 17:33:52
(7 weeks ago)
Microsoft Windows NTFS Privilege Escalation Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
Description
Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.
Required Action
Apply updates per vendor instructions.
Known to be Used in Ransomware Campaigns
Unknown
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-31956
Vendor
Microsoft
Product
Windows
In CISA Catalog from
2021-11-03
(2 years ago)
Due Date
2021-11-17
(2 years ago)

Affected Products

Microsoft

Configuration #1

    CPE23 From Up To
  Microsoft Windows 10 1809 cpe:2.3:o:microsoft:windows_10:1809
  Microsoft Windows 10 1507 prior 10.0.10240.18967 version cpe:2.3:o:microsoft:windows_10_1507 < 10.0.10240.18967
  Microsoft Windows 10 1607 prior 10.0.14393.4467 version cpe:2.3:o:microsoft:windows_10_1607 < 10.0.14393.4467
  Microsoft Windows 10 1809 prior 10.0.17763.1999 version cpe:2.3:o:microsoft:windows_10_1809 < 10.0.17763.1999
  Microsoft Windows 10 1909 prior 10.0.18363.1621 version cpe:2.3:o:microsoft:windows_10_1909 < 10.0.18363.1621
  Microsoft Windows 10 2004 prior 10.0.19041.1052 version cpe:2.3:o:microsoft:windows_10_2004 < 10.0.19041.1052
  Microsoft Windows 10 20h2 prior 10.0.19042.1052 version cpe:2.3:o:microsoft:windows_10_20h2 < 10.0.19042.1052
  Microsoft Windows 10 21h1 prior 10.0.19043.1052 version cpe:2.3:o:microsoft:windows_10_21h1 < 10.0.19043.1052
  Microsoft Windows 7 SP1 cpe:2.3:o:microsoft:windows_7:-:sp1
  Microsoft Windows 8.1 cpe:2.3:o:microsoft:windows_8.1:-
  Microsoft Windows Rt 8.1 cpe:2.3:o:microsoft:windows_rt_8.1:-
  Microsoft Windows Server 2004 prior 10.0.19041.1052 version cpe:2.3:o:microsoft:windows_server_2004 < 10.0.19041.1052
  Microsoft Windows Server 2008 R2 SP1 on X64 cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64
  Microsoft Windows Server 2008 SP2 cpe:2.3:o:microsoft:windows_server_2008:sp2
  Microsoft Windows Server 2012 cpe:2.3:o:microsoft:windows_server_2012:-
  Microsoft Windows Server 2012 R2 cpe:2.3:o:microsoft:windows_server_2012:r2
  Microsoft Windows Server 2016 prior 10.0.14393.4467 version cpe:2.3:o:microsoft:windows_server_2016 < 10.0.14393.4467
  Microsoft Windows Server 2019 prior 10.0.17763.1999 version cpe:2.3:o:microsoft:windows_server_2019 < 10.0.17763.1999
  Microsoft Windows Server 20h2 prior 10.0.19042.1052 version cpe:2.3:o:microsoft:windows_server_20h2 < 10.0.19042.1052