CyberSec.Space Logo
Back to CVE Browser

CVE-2021-42287

Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
EPSS Score57.9630%
EPSS Percentile98.17th
PublishedNov 10, 2021
Last ModifiedOct 30, 2025

Vulnerability Description

Active Directory Domain Services Elevation of Privilege Vulnerability

Affected Platforms (CPE)

πŸ’»
Microsoft

Windows Server 2008

All versions
πŸ’»
Microsoft

Windows Server 2008

= r2
πŸ’»
Microsoft

Windows Server 2012

All versions
πŸ’»
Microsoft

Windows Server 2012

= r2
πŸ’»
Microsoft

Windows Server 2016

< 10.0.14393.4770
πŸ’»
Microsoft

Windows Server 2016

= 2004
πŸ’»
Microsoft

Windows Server 2019

< 10.0.17763.2300
πŸ’»
Microsoft

Windows Server 2022

< 10.0.20348.350

References & Advisories

πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42287
πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42287
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42287

Related Vulnerabilities

CVE-2009-121610.0

Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windo...

CVE-2008-300910.0

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do no...

CVE-2008-403810.0

Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allow...

CVE-2009-008610.0

Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, V...