Lucene search
Abdelhamid Naceri (halov)ZDI-21-330HistoryMar 17, 2021 - 12:00 a.m.
Microsoft Windows EFI Partition Incorrect Authorization Denial-of-Service Vulnerability
2021-03-1700:00:00
Abdelhamid Naceri (halov)
www.zerodayinitiative.com
24
microsoft windows
efi partition
denial-of-service
vulnerability
local attackers
execution
low-privileged code
windows kernel
authorization logic
file access
EPSS
0.001
Percentile
48.6%
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows kernel. The issue results from improper authorization logic when accessing files in the EFI partition. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
Related
cvelist
cvelist
nvd
nvd
CVE-2021-26892
2021-03-11 16:15:16
mscve
mscve
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
2021-03-09 08:00:00
cve
cve
CVE-2021-26892
2021-03-11 16:15:16
prion
prion
Security feature bypass
2021-03-11 16:15:00
avleonov
avleonov
nessus
nessus
KB5000803: Windows Security Update (March 2021)
2021-03-09 00:00:00
KB5000809: Windows 10 Version 1803 March 2021 Security Update
2021-03-09 00:00:00
KB5000802: Windows Security Update (March 2021)
2021-03-09 00:00:00
mskb
mskb
March 9, 2021—KB5000809 (OS Build 17134.2087)
2021-03-09 08:00:00
March 9, 2021—KB5000803 (OS Build 14393.4283) - EXPIRED
2021-03-09 08:00:00
March 9, 2021—KB5000822 (OS Build 17763.1817)
2021-03-09 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5000802)
2021-03-10 00:00:00
kaspersky
kaspersky
KLA12111 Multiple vulnerabilities in Microsoft Windows
2021-03-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2021
2021-03-09 22:13:03