CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-31969 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31969
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows Cloud Files Mini Filter Driver This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cldflt.sys driver. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31969 https://www.zerodayinitiative.com/advisories/ZDI-21-797 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2021-31968 – Windows Remote Desktop Services Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-31968
Windows Remote Desktop Services Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio en Windows Remote Desktop Services • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31968 •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-31962 – Kerberos AppContainer Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-31962
Kerberos AppContainer Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad en Kerberos AppContainer Kerberos supports a security buffer to set the target SPN of a ticket bypassing the SPN check in LSASS. • http://packetstormsecurity.com/files/163206/Windows-Kerberos-AppContainer-Enterprise-Authentication-Capability-Bypass.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31962 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-31960 – Windows Bind Filter Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-31960
Windows Bind Filter Driver Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Windows Bind Filter Driver • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31960 •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-31958 – Windows NTLM Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31958
Windows NTLM Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows NTLM • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31958 • CWE-294: Authentication Bypass by Capture-replay •