Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-36948
HistoryAug 12, 2021 - 6:15 p.m.

CVE-2021-36948

2021-08-1218:15:10
[email protected]
web.nvd.nist.gov
7
cve-2021-36948
windows update
medic service
elevation of privilege

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

14.7%

JSON

Windows Update Medic Service Elevation of Privilege Vulnerability

Affected configurations

Nvd
Node
microsoftwindows_10_1809Range<10.0.17763.2114
OR
microsoftwindows_10_1909Range<10.0.18363.1734
OR
microsoftwindows_10_2004Range<10.0.19041.1165
OR
microsoftwindows_10_20h2Range<10.0.19042.1165
OR
microsoftwindows_10_21h1Range<10.0.19043.1165
OR
microsoftwindows_server_2004Range<10.0.19041.1165
OR
microsoftwindows_server_2019Range<10.0.17763.2114
OR
microsoftwindows_server_20h2Range<10.0.19042.1165
VendorProductVersionCPE
microsoftwindows_10_1809*cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*
microsoftwindows_10_1909*cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*
microsoftwindows_10_2004*cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*
microsoftwindows_10_20h2*cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
microsoftwindows_10_21h1*cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*
microsoftwindows_server_2004*cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
microsoftwindows_server_2019*cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
microsoftwindows_server_20h2*cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*

Related

cisa_kev 1
cve 1
cvelist 1
prion 1
attackerkb 1
checkpoint_advisories 1
mscve 1
thn 2
krebs 1
mssecure 1
malwarebytes 1
mmpc 1
avleonov 1
hivepro 1
threatpost 1
nessus 3
openvas 3
kaspersky 1
mskb 3
qualysblog 3
rapid7blog 1
googleprojectzero 1
cisa_kev
cisa_kev
Microsoft Windows Update Medic Service Privilege Escalation Vulnerability
2021-11-03 00:00:00
cve
cve
CVE-2021-36948
2021-08-12 18:15:10
cvelist
cvelist
CVE-2021-36948 Windows Update Medic Service Elevation of Privilege Vulnerability
2021-08-12 18:12:37
prion
prion
Privilege escalation
2021-08-12 18:15:00
attackerkb
attackerkb
CVE-2021-36948
2021-08-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Update Medic Service Privilege Escalation (CVE-2021-36948)
2021-08-12 00:00:00
mscve
mscve
Windows Update Medic Service Elevation of Privilege Vulnerability
2021-08-10 07:00:00
thn
thn
Microsoft Uncovers Austrian Company Exploiting Windows and Adobe Zero-Day Exploits
2022-07-28 11:18:00
Microsoft Releases Windows Updates to Patch Actively Exploited Vulnerability
2021-08-11 05:31:00
krebs
krebs
Microsoft Patch Tuesday, August 2021 Edition
2021-08-10 21:12:58
mssecure
mssecure
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
2022-07-27 14:00:00
malwarebytes
malwarebytes
PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday
2021-08-11 12:16:17
mmpc
mmpc
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
2022-07-27 14:00:00
avleonov
avleonov
Security News: Microsoft Patch Tuesday August 2021, Phishers Started Using reCAPTCHA, Scan 1 IP and Go to Jail
2021-08-19 21:38:46
hivepro
hivepro
Critical Vulnerabilities revealed in Microsoft’s Patch Tuesday
2021-08-11 13:25:48
threatpost
threatpost
Actively Exploited Windows Zero-Day Gets a Patch
2021-08-10 21:17:58
nessus
nessus
KB5005031: Windows 10 Version 1909 Security Update (August 2021)
2021-08-10 00:00:00
KB5005030: Windows 10 Version 1809 and Windows Server 2019 Security Update (August 2021)
2021-08-10 00:00:00
KB5005033: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 Security Update (August 2021)
2021-08-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5005033)
2021-08-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5005030)
2021-08-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5005031)
2021-08-11 00:00:00
kaspersky
kaspersky
KLA12259 Multiple vulnerabilities in Microsoft Windows
2021-08-10 00:00:00
mskb
mskb
August 10, 2021—KB5005031 (OS Build 18363.1734)
2021-08-10 07:00:00
August 10, 2021—KB5005030 (OS Build 17763.2114)
2021-08-10 07:00:00
August 10, 2021—KB5005033 (OS Builds 19041.1165, 19042.1165, and 19043.1165)
2021-08-10 07:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday (August 2021) – Microsoft 51 Vulnerabilities with 7 Critical, Adobe 29 Vulnerabilities
2021-08-10 19:58:49
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
rapid7blog
rapid7blog
Patch Tuesday - August 2021
2021-08-11 03:19:33
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

14.7%

JSON
Related for NVD:CVE-2021-36948
cisa_kev1cve1cvelist1prion1attackerkb1checkpoint_advisories1mscve1thn2krebs1mssecure1malwarebytes1mmpc1avleonov1hivepro1threatpost1nessus3openvas3kaspersky1mskb3qualysblog3rapid7blog1googleprojectzero1