CVE-2021-31956

high

Description

Windows NTFS Elevation of Privilege Vulnerability

From the Tenable Blog

Microsoft’s June 2021 Patch Tuesday Addresses 49 CVEs (CVE-2021-31955, CVE-2021-31956 and CVE-2021-33742)

Microsoft’s June 2021 Patch Tuesday Addresses 49 CVEs (CVE-2021-31955, CVE-2021-31956 and CVE-2021-33742)

Published: 2021-06-08

Microsoft addresses 49 CVEs with six having been observed as exploited in the wild 5Critical 44Important 0Moderate 0Low Microsoft patched 49 CVEs in its June 2021 Patch Tuesday release, including five CVEs rated as critical and 44 rated as important.

References

https://www.tenable.com/cyber-exposure/2021-threat-landscape-retrospective

https://www.tenable.com/blog/microsoft-june-2021-patch-tuesday-49-cves-cve-2021-31955-cve-2021-31956-and-cve-2021-33742

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31956

Details

Source: Mitre, NVD

Published: 2021-06-08

Updated: 2025-03-07

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.87614