CyberSec.Space Logo
Back to CVE Browser

CVE-2021-42278

Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
EPSS Score91.7120%
EPSS Percentile91.67th
PublishedNov 10, 2021
Last ModifiedOct 30, 2025

Vulnerability Description

Active Directory Domain Services Elevation of Privilege Vulnerability

Affected Platforms (CPE)

πŸ’»
Microsoft

Windows Server 2004

< 10.0.19041.1348
πŸ’»
Microsoft

Windows Server 2008

All versions
πŸ’»
Microsoft

Windows Server 2008

= r2
πŸ’»
Microsoft

Windows Server 2012

All versions
πŸ’»
Microsoft

Windows Server 2012

= r2
πŸ’»
Microsoft

Windows Server 2016

< 10.0.14393.4770
πŸ’»
Microsoft

Windows Server 2019

< 10.0.17763.2300
πŸ’»
Microsoft

Windows Server 2022

< 10.0.20348.350
πŸ’»
Microsoft

Windows Server 20h2

< 10.0.19042.1348

References & Advisories

πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42278
πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42278
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42278

Related Vulnerabilities

CVE-2007-006510.0

Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1...

CVE-2007-22249.3

Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004...

CVE-2005-29867.5

The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 VirusBlock 2005 Build 6.0.0.383, V3Net for Windows Server 6.0 Buil...

CVE-2005-32847.5

Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and M...