Microsoft: >> Windows 10 2004 >> 10.0.19041.423 Security Vulnerabilities
CVE-2021-34486
Windows Event Tracing Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.277
Published
2021-08-12
CVE-2021-36934
<p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
<p>An attacker must have the ability to execute code on a victim system to exploit this vulnerability.</p>
<p>After installing this security update, you <em>must</em> manually delete all shadow copies of system files, including the SAM database, to fully mitigate this vulnerabilty. <strong>Simply installing this security update will not fully mitigate this vulnerability.</strong> See <a href="https://support.microsoft.com/topic/1ceaa637-aaa3-4b58-a48b-baf72a2fa9e7">KB5005357- Delete Volume Shadow Copies</a>.</p>
Known exploited
CVSS Score
7.8
EPSS Score
0.904
Published
2021-07-22
CVE-2021-34448
Scripting Engine Memory Corruption Vulnerability
Known exploited
CVSS Score
6.8
EPSS Score
0.029
Published
2021-07-16
CVE-2021-33771
Windows Kernel Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.016
Published
2021-07-14
CVE-2021-31979
Windows Kernel Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.01
Published
2021-07-14
CVE-2021-33739
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Known exploited
CVSS Score
8.4
EPSS Score
0.116
Published
2021-06-08
CVE-2021-33742
Windows MSHTML Platform Remote Code Execution Vulnerability
Known exploited
CVSS Score
7.5
EPSS Score
0.572
Published
2021-06-08
CVE-2021-1675
Windows Print Spooler Remote Code Execution Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.943
Published
2021-06-08
CVE-2021-31199
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
Known exploited
CVSS Score
5.2
EPSS Score
0.005
Published
2021-06-08
CVE-2021-31201
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
Known exploited
CVSS Score
5.2
EPSS Score
0.002
Published
2021-06-08