CVE-2021-38639

HIGH

Windows 10 - Elevation of Privilege in Win32k

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-38639. PoCs published by DarkSprings.

AI-analyzed exploit summary The repository claims to be a PoC for a Windows win32k UAC bypass (CVE-2021-38639) but lacks any actual exploit code or technical details. The README is vague and does not provide meaningful information about the vulnerability or exploitation method.

Description

Win32k Elevation of Privilege Vulnerability

Exploits (1)

nomisec SUSPICIOUS

by DarkSprings · poc

https://github.com/DarkSprings/CVE-2021-38639

View Code ZIP pw:eip

The repository claims to be a PoC for a Windows win32k UAC bypass (CVE-2021-38639) but lacks any actual exploit code or technical details. The README is vague and does not provide meaningful information about the vulnerability or exploitation method.

Classification

Suspicious 80%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: Windows win32k components (win32kfull.sys, win32kbase.sys, win32k.sys)

No auth needed

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38639

Scores

CVSS v3 7.8

EPSS 0.0120

EPSS Percentile 64.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-269

Status published

Products (18)

microsoft/windows_10

microsoft/windows_10 20h2

microsoft/windows_10 21h1

microsoft/windows_10 1607

microsoft/windows_10 1809

microsoft/windows_10 1909

microsoft/windows_10 2004

microsoft/windows_7

microsoft/windows_8.1

microsoft/windows_rt_8.1

... and 8 more

Published Sep 15, 2021

Tracked Since Feb 18, 2026