6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.9 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.4%
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface.
Below is a complete list of vulnerabilities:
CVE-2020-16044 critical
CVE-2021-21119 critical
CVE-2021-21140 high
CVE-2021-21139 high
CVE-2021-21135 high
CVE-2021-21136 high
CVE-2021-21129 high
CVE-2021-21130 high
CVE-2021-21122 critical
CVE-2021-21134 high
CVE-2021-21125 critical
CVE-2021-21131 high
CVE-2021-21126 high
CVE-2021-21132 critical
CVE-2021-21128 critical
CVE-2021-21120 critical
CVE-2021-21137 high
CVE-2021-21124 critical
CVE-2021-21123 high
CVE-2021-21127 critical
CVE-2021-21141 high
CVE-2021-21121 critical
CVE-2021-21133 high
CVE-2021-21118 critical
Install necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option)
Microsoft Edge update settings
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16044
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21118
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21119
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21120
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21121
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21122
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21123
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21124
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21125
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21126
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21127
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21128
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21129
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21130
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21131
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21132
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21133
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21134
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21135
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21136
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21137
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21139
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21140
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21141
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Edge/
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.9 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.4%