← Voltar para CVEs
CVE-2021-36958
HIGH7.8
Descricao
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
Detalhes CVE
Pontuacao CVSS v3.17.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado8/12/2021
Ultima modificacao2/24/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
microsoft:windows
Referencias
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36958(secure@microsoft.com)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36958(af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/131152(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.