CVE-2021-34486
HIGH KEVWindows 10 1809-21H1 and Windows Server 2019-20H2 - Use-After-Free in Event Tracing
Title source: llmExploitation Summary
CVE-2021-34486 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 28, 2022. EIP tracks 2 public exploits from researchers including KaLendsi, b1tg.
AI-analyzed exploit summary The repository contains a functional exploit PoC for CVE-2021-34486, targeting a Windows kernel vulnerability in the Event Tracing for Windows (ETW) component. The code demonstrates memory corruption via crafted ETW notifications, leveraging kernel pointer manipulation and arbitrary write primitives.
Description
Windows Event Tracing Elevation of Privilege Vulnerability
Exploits (2)
The repository contains a functional exploit PoC for CVE-2021-34486, targeting a Windows kernel vulnerability in the Event Tracing for Windows (ETW) component. The code demonstrates memory corruption via crafted ETW notifications, leveraging kernel pointer manipulation and arbitrary write primitives.
This repository contains a functional exploit for CVE-2021-34486, targeting a Windows Event Tracing (ETW) vulnerability. The code demonstrates memory corruption via crafted ETW notifications, likely leading to local privilege escalation (LPE).
References (2)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H