返回 CVE 瀏覽器

CVE-2021-41357

Known Exploited (CISA KEV)HIGH

7.8

CVSS Severity Score

EPSS Score26.5820%

EPSS Percentile98.48th

Published2021年10月13日

Last Modified2025年10月30日

Vulnerability Description

Win32k Elevation of Privilege Vulnerability

Affected Platforms (CPE)

💻

Microsoft

Windows 10 2004

< 10.0.19041.1288

💻

Microsoft

Windows 10 20h2

< 10.0.19042.1288

💻

Microsoft

Windows 10 21h1

< 10.0.19043.1288

💻

Microsoft

Windows 11 21h2

< 10.0.22000.258

💻

Microsoft

Windows Server 2004

< 10.0.19041.1288

💻

Microsoft

Windows Server 2022

< 10.0.20348.288

💻

Microsoft

Windows Server 20h2

< 10.0.19042.1288

References & Advisories

🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41357

🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41357

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-41357

相關漏洞威脅

CVE-2007-006510.0

Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1...

CVE-2007-22249.3

Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004...

CVE-2006-13119.3

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for...

CVE-2008-44739.3

Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execut...