CVE-2021-24084

MEDIUM

Windows 10 and Windows Server 2016/2019 - Information Disclosure via Improper Link Resolution

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-24084. PoCs published by exploitblizzard, Jeromeyoung.

AI-analyzed exploit summary This repository contains a functional local privilege escalation (LPE) exploit for CVE-2021-24084, targeting Windows MDM (Mobile Device Management) vulnerabilities. The exploit includes a reverse shell server and leverages NTDLL functions to escalate privileges, with support for multiple Windows versions.

Description

Windows Mobile Device Management Information Disclosure Vulnerability

Exploits (2)

nomisec WORKING POC 52 stars

by exploitblizzard · poc

https://github.com/exploitblizzard/WindowsMDM-LPE-0Day

View Code ZIP pw:eip

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2021-24084, targeting Windows MDM (Mobile Device Management) vulnerabilities. The exploit includes a reverse shell server and leverages NTDLL functions to escalate privileges, with support for multiple Windows versions.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Windows MDM (Mobile Device Management) on Windows 10/11 and Windows Server 2016/2019

No auth needed

Prerequisites: Local access to a vulnerable Windows system · Compilation of the exploit code

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548 - Abuse Elevation Control Mechanism

devstral-2 · analyzed Feb 18, 2026 Full analysis →

nomisec WORKING POC 1 stars

by Jeromeyoung · poc

https://github.com/Jeromeyoung/CVE-2021-24084

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2021-24084, a local privilege escalation vulnerability in Windows. The code includes a reverse shell server and operations to manipulate Windows objects, demonstrating the exploit's capability to escalate privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Windows (specific version not specified)

Auth required

Prerequisites: Local access to the target system · Basic user privileges

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24084

Scores

CVSS v3 5.5

EPSS 0.0389

EPSS Percentile 88.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-59

Status published

Products (9)

microsoft/windows_10 20h2

microsoft/windows_10 1803

microsoft/windows_10 1809

microsoft/windows_10 1909

microsoft/windows_10 2004

microsoft/windows_server_2016 20h2

microsoft/windows_server_2016 1909

microsoft/windows_server_2016 2004

microsoft/windows_server_2019

Published Feb 25, 2021

Tracked Since Feb 18, 2026