CVE-2021-40449

HIGH KEV RANSOMWARE

Win32k - Privilege Escalation

Title source: llm

Description

Win32k Elevation of Privilege Vulnerability

Exploits (11)

nomisec WORKING POC 480 stars
by ly4k · local
https://github.com/ly4k/CallbackHell
nomisec WORKING POC 99 stars
by KaLendsi · local
https://github.com/KaLendsi/CVE-2021-40449-Exploit
nomisec WORKING POC 54 stars
by Kristal-g · local
https://github.com/Kristal-g/CVE-2021-40449_poc
nomisec WORKING POC 45 stars
by hakivvi · local
https://github.com/hakivvi/CVE-2021-40449
nomisec WORKING POC 1 star
by CppXL · poc
https://github.com/CppXL/cve-2021-40449-poc
nomisec WORKING POC
by toanthang1842002 · local
https://github.com/toanthang1842002/CVE-2021-40449
metasploit WORKING POC GOOD
by IronHusky, Costin Raiu, Boris Larin, Red Raindrop Team of Qi; detailed analysis report in Chinese showing how to replicate the vulnerability; First Public POC targeting Windows 10 build 14393 · ruby poc win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2021_40449.rb
patchapalooza WORKING POC
by SamuelTulach · local
https://github.com/SamuelTulach/voidmap
patchapalooza WORKING POC
by BL0odz · local
https://github.com/BL0odz/CVE-2021-40449-NtGdiResetDC-UAF
patchapalooza WORKING POC
by hissec · poc
https://gitee.com/hissec/CVE-2021-40449-Exploit
patchapalooza WRITEUP
by Ascotbe · local
https://github.com/Ascotbe/Kernelhub

Scores

CVSS v3 7.8
EPSS 0.9179
EPSS Percentile 99.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-17
VulnCheck KEV 2021-10-12
InTheWild.io 2021-10-12
ENISA EUVD EUVD-2021-27626
Ransomware Use Confirmed
CWE
CWE-416
Status published
Products (21)
microsoft/windows_10_1507 < 10.0.10240.19086
microsoft/windows_10_1607 < 10.0.14393.4704
microsoft/windows_10_1809 < 10.0.17763.2237
microsoft/windows_10_1909 < 10.0.18363.1854
microsoft/windows_10_2004 < 10.0.19041.1288
microsoft/windows_10_20h2 < 10.0.19041.1288
microsoft/windows_10_21h1 < 10.0.19041.1288
microsoft/windows_11
microsoft/windows_11_21h2 < 10.0.22000.258
microsoft/windows_7
... and 11 more
Published Oct 13, 2021
KEV Added Nov 17, 2021
Tracked Since Feb 18, 2026