PT-2021-2617 · Microsoft · Windows
Yuki Chen
·
Published
2021-04-13
·
Updated
2023-12-29
·
CVE-2021-28338
CVSS v2.0
10
10
High
| Base vector | Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Microsoft Windows (affected versions not specified)
Description:
The issue is related to incorrect code generation management in the Procedure Call Runtime component of Microsoft Windows operating systems. This can be exploited by a remote attacker to execute arbitrary code, potentially affecting the system. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Code Injection
Weakness Enumeration
Related Identifiers
BDU:2021-02107
CVE-2021-28338
Affected Products
Windows
References · 13
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28338 · Vendor Advisory
- https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-28338 · Vendor Advisory
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28338 · Security Note
- https://bdu.fstec.ru/vul/2021-02107 · Security Note
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28338 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-28338 · Security Note
- https://t.me/cvenotify/13395 · Telegram Post
- https://t.me/avleonovcom/862 · Telegram Post
- https://t.me/cvenotify/13401 · Telegram Post
- https://t.me/cvenotify/13463 · Telegram Post
- https://t.me/cvenotify/13394 · Telegram Post
- https://t.me/cvenotify/13402 · Telegram Post
- https://cybersecurity-help.cz/vdb/SB2021041311 · Note