Vulnerability Name:

CVE-2021-34516 (CCN-204641)

Assigned:2021-07-13
Published:2021-07-13
Updated:2022-07-12
Summary:Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34449.
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2021-34516

Source: XF
Type: UNKNOWN
ms-windows-cve202134516-priv-esc(204641)

Source: CCN
Type: Microsoft Security TechCenter - July 2021
Win32k Elevation of Privilege Vulnerability

Source: MISC
Type: Patch, Vendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34516

Source: CCN
Type: ZDI-21-1004
Microsoft Windows Canonical Display Driver DrvLineTo Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1004/

Source: CCN
Type: ZDI-21-1005
Microsoft Windows Canonical Display Driver DrvGradientFill Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1005/

Source: CCN
Type: ZDI-21-1006
Microsoft Windows Canonical Display Driver DrvStrokePath Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1006/

Source: CCN
Type: ZDI-21-1007
Microsoft Windows Canonical Display Driver DrvStrokeAndFillPath Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1007/

Source: CCN
Type: ZDI-21-1008
Microsoft Windows Canonical Display Driver DrvTextOut Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1008/

Source: CCN
Type: ZDI-21-1009
Microsoft Windows Canonical Display Driver DrvFillPath Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1009/

Source: CCN
Type: ZDI-21-1010
Microsoft Windows Canonical Display Driver DrvPlgBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1010/

Source: CCN
Type: ZDI-21-1011
Microsoft Windows Canonical Display Driver DrvStretchBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1011/

Source: CCN
Type: ZDI-21-1012
Microsoft Windows Canonical Display Driver DrvStretchBltROPInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1012/

Source: CCN
Type: ZDI-21-1013
Microsoft Windows Canonical Display Driver DrvBitBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1013/

Source: CCN
Type: ZDI-21-1014
Microsoft Windows Canonical Display Driver DrvAlphaBlendInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1014/

Source: CCN
Type: ZDI-21-1015
Microsoft Windows Canonical Display Driver DrvBitBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1015/

Source: CCN
Type: ZDI-21-1016
Microsoft Windows Canonical Display Driver DrvLineTo NULL Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1016/

Source: CCN
Type: ZDI-21-1017
Microsoft Windows Canonical Display Driver DrvStrokeAndFillPath NULL Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1017/

Source: CCN
Type: ZDI-21-1018
Microsoft Windows Canonical Display Driver DrvStrokePath NULL Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1018/

Source: CCN
Type: ZDI-21-1019
Microsoft Windows Canonical Display Driver DrvGradientFill NULL Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1019/

Source: CCN
Type: ZDI-21-1020
Microsoft Windows Canonical Display Driver DrvTextOut NULL Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1020/

Source: CCN
Type: ZDI-21-1021
Microsoft Windows Canonical Display Driver DrvFillPath NULL Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1021/

Source: CCN
Type: ZDI-21-1022
Microsoft Windows Canonical Display Driver ColorFillBitmap NULL Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-1022/

Source: CCN
Type: ZDI-21-895
Microsoft Windows Canonical Display Driver DrvTransparentBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-895/

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:1607:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:20h2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:21h1:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:1809:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:1909:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:2004:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_20h2:-:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2004:-:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x86:*
  • OR cpe:/o:microsoft:windows_7::sp1:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:*
  • OR cpe:/o:microsoft:windows_8.1:::~~~~x64~:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_10:::~~~~x64~:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:1809::~~~~x64~:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:1809:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*
  • OR cpe:/o:microsoft:windows_10:1607:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_10:1607::~~~~x64~:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:2004:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_10_2004:-:*:*:*:*:*:arm64:*
  • OR cpe:/o:microsoft:windows_10_2004:-:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_10:1909:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_10_1909:-:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_10_1909:-:*:*:*:*:*:arm64:*
  • OR cpe:/o:microsoft:windows_10:20h2:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_10_20h2:-:*:*:*:*:*:arm64:*
  • OR cpe:/o:microsoft:windows_10_20h2:-:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server:2004:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server:20h2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_10:21h1:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_10_21h1:-:*:*:*:*:*:arm64:*
  • OR cpe:/o:microsoft:windows_10_21h1:-:*:*:*:*:*:x64:*

  • * Denotes that component is vulnerable
    BACK
    microsoft windows server 2008 r2 sp1
    microsoft windows server 2012 r2
    microsoft windows 10 1607
    microsoft windows 8.1 -
    microsoft windows server 2016 -
    microsoft windows server 2008 - sp2
    microsoft windows 7 - sp1
    microsoft windows rt 8.1 -
    microsoft windows server 2012 -
    microsoft windows 10 -
    microsoft windows 10 20h2
    microsoft windows 10 21h1
    microsoft windows 10 1809
    microsoft windows 10 1909
    microsoft windows 10 2004
    microsoft windows server 2016 20h2
    microsoft windows server 2016 2004
    microsoft windows server 2019 -
    microsoft windows server 2008 sp2
    microsoft windows server 2008 sp2
    microsoft windows 7 - sp1
    microsoft windows 7 sp1
    microsoft windows server 2008 r2
    microsoft windows server 2012
    microsoft windows 8.1 - -
    microsoft windows 8.1
    microsoft windows server 2012 r2
    microsoft windows rt 8.1 -
    microsoft windows 10 -
    microsoft windows 10
    microsoft windows server 2016
    microsoft windows server 2019
    microsoft windows 10 1809
    microsoft windows 10 1809
    microsoft windows 10 1809
    microsoft windows 10 1607
    microsoft windows 10 1607
    microsoft windows 10 2004
    microsoft windows 10 2004
    microsoft windows 10 2004
    microsoft windows 10 1909
    microsoft windows 10 1909
    microsoft windows 10 1909
    microsoft windows 10 20h2
    microsoft windows 10 20h2
    microsoft windows 10 20h2
    microsoft windows server 2019
    microsoft windows server 2004
    microsoft windows server 20h2
    microsoft windows server 2016
    microsoft windows server 2012 r2
    microsoft windows server 2012
    microsoft windows server 2008 sp2
    microsoft windows server 2008 r2
    microsoft windows 10 21h1
    microsoft windows 10 21h1
    microsoft windows 10 21h1