CVE-2021-26889

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified)

Description: The issue is related to an elevation-of-privilege vulnerability in the Windows Update Stack, which is caused by insecure privilege management. This vulnerability can be exploited to allow an attacker to elevate their privileges or execute arbitrary code. The vulnerability affects the system and can be exploited by attackers.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Link Following

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59CWE-269

Related Identifiers

BDU:2021-01676

CVE-2021-26889

ZDI-21-328

Affected Products

Windows

CVE-2021-26889

Weakness Enumeration

Related Identifiers

Affected Products

References · 9