CVE-2021-1688 – Windows CSC Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1688
Windows CSC Service Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Windows CSC Service. Este ID de CVE es diferente de CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1693 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1688 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1688 • CWE-269: Improper Privilege Management •
CVE-2021-1689 – Windows Multipoint Management Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1689
Windows Multipoint Management Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Windows Multipoint Management • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1689 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1689 • CWE-269: Improper Privilege Management •
CVE-2021-1685 – Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1685
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Windows AppX Deployment Extensions. Este ID de CVE es diferente de CVE-2021-1642 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deployment Service. By creating a directory junction, an attacker can abuse the service to create files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1685 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1685 • CWE-269: Improper Privilege Management •
CVE-2021-1684 – Windows Bluetooth Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1684
Windows Bluetooth Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de la Funcionalidad de Windows Bluetooth Security. Este ID de CVE es diferente de CVE-2021-1638, CVE-2021-1683 Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1684 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1684 •
CVE-2021-1683 – Windows Bluetooth Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1683
Windows Bluetooth Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de la Característica de Seguridad de Windows Bluetooth. Este ID de CVE es diferente de CVE-2021-1638, CVE-2021-1684 Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1683 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1683 •