7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.816 High
EPSS
Percentile
98.4%
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, cause denial of service, obtain sensitive information.
Below is a complete list of vulnerabilities:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2021-34533 critical
CVE-2021-26424 critical
CVE-2021-34537 critical
CVE-2021-26425 critical
CVE-2021-36936 critical
CVE-2021-34483 critical
CVE-2021-36937 critical
CVE-2021-36942 critical
CVE-2021-36947 critical
CVE-2021-34484 critical
CVE-2021-34535 critical
CVE-2021-36927 critical
CVE-2021-34480 high
CVE-2021-36948 critical
CVE-2021-26433 critical
CVE-2021-36945 high
CVE-2021-26432 critical
CVE-2021-36926 critical
CVE-2021-34487 high
CVE-2021-34530 critical
CVE-2021-34534 high
CVE-2021-34486 critical
CVE-2021-36932 critical
CVE-2021-26431 critical
CVE-2021-26426 high
CVE-2021-34536 critical
CVE-2021-36933 critical
CVE-2021-36938 high
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4023814
support.microsoft.com/kb/5005030
support.microsoft.com/kb/5005031
support.microsoft.com/kb/5005033
support.microsoft.com/kb/5005036
support.microsoft.com/kb/5005040
support.microsoft.com/kb/5005043
support.microsoft.com/kb/5005076
support.microsoft.com/kb/5005094
support.microsoft.com/kb/5005099
support.microsoft.com/kb/5005106
support.microsoft.com/kb/5011527
support.microsoft.com/kb/5011535
support.microsoft.com/kb/5011560
support.microsoft.com/kb/5011564
nvd.nist.gov/vuln/detail/CVE-2021-26424
nvd.nist.gov/vuln/detail/CVE-2021-26425
nvd.nist.gov/vuln/detail/CVE-2021-26426
nvd.nist.gov/vuln/detail/CVE-2021-26431
nvd.nist.gov/vuln/detail/CVE-2021-26432
nvd.nist.gov/vuln/detail/CVE-2021-26433
nvd.nist.gov/vuln/detail/CVE-2021-34480
nvd.nist.gov/vuln/detail/CVE-2021-34483
nvd.nist.gov/vuln/detail/CVE-2021-34484
nvd.nist.gov/vuln/detail/CVE-2021-34486
nvd.nist.gov/vuln/detail/CVE-2021-34487
nvd.nist.gov/vuln/detail/CVE-2021-34530
nvd.nist.gov/vuln/detail/CVE-2021-34533
nvd.nist.gov/vuln/detail/CVE-2021-34534
nvd.nist.gov/vuln/detail/CVE-2021-34535
nvd.nist.gov/vuln/detail/CVE-2021-34536
nvd.nist.gov/vuln/detail/CVE-2021-34537
nvd.nist.gov/vuln/detail/CVE-2021-36926
nvd.nist.gov/vuln/detail/CVE-2021-36927
nvd.nist.gov/vuln/detail/CVE-2021-36932
nvd.nist.gov/vuln/detail/CVE-2021-36933
nvd.nist.gov/vuln/detail/CVE-2021-36936
nvd.nist.gov/vuln/detail/CVE-2021-36937
nvd.nist.gov/vuln/detail/CVE-2021-36938
nvd.nist.gov/vuln/detail/CVE-2021-36942
nvd.nist.gov/vuln/detail/CVE-2021-36945
nvd.nist.gov/vuln/detail/CVE-2021-36947
nvd.nist.gov/vuln/detail/CVE-2021-36948
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.816 High
EPSS
Percentile
98.4%