CVE-2021-31956

Name of the Vulnerable Software and Affected Versions Windows NTFS (affected versions not specified)

Description An elevation of privilege issue exists in the ntfs.sys driver due to improper access control. The flaw involves a heap overflow—a condition where data exceeds the allocated memory buffer on the heap—which allows the corruption of adjacent kernel objects. By manipulating the kernel heap, an attacker can create an arbitrary read/write primitive to steal a SYSTEM token from another process, thereby gaining elevated privileges on the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.