CVE-2022-21877
MEDIUM
Windows 10 and Windows 11 - Out-of-bounds Read in Storage Spaces Controller
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2022-21877. PoCs published by Big5-sec.
AI-analyzed exploit summary
This repository contains a proof-of-concept exploit for CVE-2022-21877, an information leak vulnerability in the spaceport.sys driver. The PoC demonstrates uncontrolled data leakage from kernel memory by interacting with storage pools and tiers.
Description
Storage Spaces Controller Information Disclosure Vulnerability
Exploits (1)
nomisec
WORKING POC
5 stars
by Big5-sec · poc
https://github.com/Big5-sec/cve-2022-21877
Classification: Working Poc 95%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Microsoft Windows spaceport.sys driver
Auth required
Prerequisites: Administrative privileges · At least two storage pools configured on the target system
devstral-2 · analyzed Feb 16, 2026
References (3)
Core References
Vendor Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21877
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-048/
Scores
CVSS v3: 5.5
EPSS: 0.0289
EPSS Percentile: 85.2%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE: CWE-125
Status: published
Products (9)
microsoft/windows_10 20h2 (3 CPE variants)
microsoft/windows_10 21h1 (3 CPE variants)
microsoft/windows_10 21h2 (3 CPE variants)
microsoft/windows_10 1809 (3 CPE variants)
microsoft/windows_10 1909 (3 CPE variants)
microsoft/windows_11 (2 CPE variants)
microsoft/windows_server 20h2
microsoft/windows_server 2022
microsoft/windows_server_2019
Published: Jan 11, 2022
Tracked Since: Feb 18, 2026