CVE-2021-31201

Known Exploited (CISA KEV)MEDIUM

5.2

CVSS Severity Score

EPSS Score45.1980%

EPSS Percentile86.11th

PublishedJun 8, 2021

Last ModifiedOct 30, 2025

Vulnerability Description

Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

Affected Platforms (CPE)

💻

Microsoft

Windows 10 1507

< 10.0.10240.18967

💻

Microsoft

Windows 10 1607

< 10.0.14393.4467

💻

Microsoft

Windows 10 1809

< 10.0.17763.1999

💻

Microsoft

Windows 10 1909

< 10.0.18363.1621

💻

Microsoft

Windows 10 2004

< 10.0.19041.1052

💻

Microsoft

Windows 10 20h2

< 10.0.19042.1052

💻

Microsoft

Windows 10 21h1

< 10.0.19043.1052

💻

Microsoft

Windows 7

All versions

💻

Microsoft

Windows 8.1

All versions

💻

Microsoft

Windows Rt 8.1

All versions

💻

Microsoft

Windows Server 2004

< 10.0.19041.1052

💻

Microsoft

Windows Server 2008

All versions

💻

Microsoft

Windows Server 2008

= r2

💻

Microsoft

Windows Server 2012

All versions

💻

Microsoft

Windows Server 2012

= r2

💻

Microsoft

Windows Server 2016

< 10.0.14393.4467

💻

Microsoft

Windows Server 2019

< 10.0.17763.1999

💻

Microsoft

Windows Server 20h2

< 10.0.19042.1052

References & Advisories

🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31201

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31201

Vulnerability Description

Affected Platforms (CPE)

Windows 10 1507

Windows 10 1607

Windows 10 1809

Windows 10 1909

Windows 10 2004

Windows 10 20h2

Windows 10 21h1

Windows 7

Windows 8.1

Windows Rt 8.1

Windows Server 2004

Windows Server 2008

Windows Server 2008

Windows Server 2012

Windows Server 2012

Windows Server 2016

Windows Server 2019

Windows Server 20h2

References & Advisories

Related Vulnerabilities