CVE-2021-31955

MEDIUM KEV

Microsoft Windows 10 1809 < 10.0.17763.1999 - Information Disclosure

Title source: rule

Description

Windows Kernel Information Disclosure Vulnerability

Exploits (4)

nomisec WORKING POC 13 stars

by freeide · local

https://github.com/freeide/CVE-2021-31955-POC

View Code ZIP pw:eip

nomisec WORKING POC 2 stars

by ApexPredator-InfoSec · local

https://github.com/ApexPredator-InfoSec/forti_shield

View Code ZIP pw:eip

inthewild

poc

https://github.com/lagal1990/cve-2021-31955-poc

View on inthewild

inthewild

poc

https://github.com/expdev893/cve-2021-31955-poc

View on inthewild

References (2)

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31955

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31955

Scores

CVSS v3 5.5

EPSS 0.0483

EPSS Percentile 89.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CISA KEV 2021-11-03

VulnCheck KEV 2021-04-14

InTheWild.io 2021-04-14

ENISA EUVD EUVD-2021-18828

CWE

CWE-497

Status published

Products (8)

microsoft/windows_10_1809 < 10.0.17763.1999

microsoft/windows_10_1909 < 10.0.18363.1621

microsoft/windows_10_2004 < 10.0.19041.1052

microsoft/windows_10_20h2 < 10.0.19042.1052

microsoft/windows_10_21h1 < 10.0.19043.1052

microsoft/windows_server_2004 < 10.0.19041.1052

microsoft/windows_server_2019 < 10.0.17763.1999

microsoft/windows_server_20h2 < 10.0.19042.1052

Published Jun 08, 2021

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026