CVE-2021-26882 – Remote Access API Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26882
Remote Access API Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de la API Remote Access • https://github.com/taiji-xo/CVE-2021-26882 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26882 •
CVE-2021-26881 – Microsoft Windows Media Foundation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26881
Microsoft Windows Media Foundation Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft Windows Media Foundation • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26881 •
CVE-2021-26878 – Windows Print Spooler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26878
Windows Print Spooler Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Print Spooler de Windows. Este ID de CVE es diferente de CVE-2021-1640 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26878 •
CVE-2021-26875 – Windows Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26875
Windows Win32k Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Windows Win32k. Este ID de CVE es diferente de CVE-2021-26863, CVE-2021-26900, CVE-2021-27077 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26875 •
CVE-2021-26873 – Windows User Profile Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26873
Windows User Profile Service Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del User Profile Service de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the User Profile Service. By creating a directory junction, an attacker can abuse the service to create a second junction in a sensitive location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26873 https://www.zerodayinitiative.com/advisories/ZDI-21-283 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •