CVE-2021-28310

HIGH KEV

Win32k - Privilege Escalation

Title source: llm

Description

Win32k Elevation of Privilege Vulnerability

Exploits (1)

nomisec NO CODE 1 stars

by Rafael-Svechinskaya · poc

https://github.com/Rafael-Svechinskaya/IOC_for_CVE-2021-28310

View Code ZIP pw:eip

References (2)

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28310

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-28310

Scores

CVSS v3 7.8

EPSS 0.5395

EPSS Percentile 98.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03

VulnCheck KEV 2021-04-13

InTheWild.io 2021-04-13

ENISA EUVD EUVD-2021-14995

CWE

CWE-787

Status published

Products (9)

microsoft/windows_10_1803

microsoft/windows_10_1809

microsoft/windows_10_1909

microsoft/windows_10_2004

microsoft/windows_10_20h2

microsoft/windows_server_1909

microsoft/windows_server_2004

microsoft/windows_server_2019

microsoft/windows_server_20h2

Published Apr 13, 2021

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026