Lucene search
Fraunhofer FKIE CA&DZDI-21-1554HistoryDec 21, 2021 - 12:00 a.m.
Microsoft Windows tcpip.sys Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
2021-12-2100:00:00
Fraunhofer FKIE CA&D
www.zerodayinitiative.com
18
0.001 Low
EPSS
Percentile
27.2%
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the tcpip.sys driver. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
cvelist
cvelist
CVE-2021-43247 Windows TCP/IP Driver Elevation of Privilege Vulnerability
2021-12-15 14:15:27
mscve
mscve
Windows TCP/IP Driver Elevation of Privilege Vulnerability
2021-12-14 08:00:00
prion
prion
Privilege escalation
2021-12-15 15:15:00
nvd
nvd
CVE-2021-43247
2021-12-15 15:15:10
cve
cve
CVE-2021-43247
2021-12-15 15:15:10
nessus
nessus
KB5008215: Windows 11 Security Update (December 2021)
2021-12-14 00:00:00
KB5008223: Windows Server 2022 Security Update (December 2021)
2021-12-14 00:00:00
mskb
mskb
December 14, 2021âKB5008218 (OS Build 17763.2366)
2021-12-14 08:00:00
December 14, 2021âKB5008223 (OS Build 20348.405)
2021-12-14 08:00:00
December 14, 2021âKB5008206 (OS Build 18363.1977)
2021-12-14 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5008218)
2021-12-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5008212)
2021-12-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5008206)
2021-12-15 00:00:00
kaspersky
kaspersky
KLA12387 Multiple vulnerabilities in Microsoft Windows
2021-12-14 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - December 2021
2021-12-14 22:12:53