Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiMarcin WiazowskiZDI-21-895
HistoryJul 28, 2021 - 12:00 a.m.

Microsoft Windows Canonical Display Driver DrvTransparentBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

2021-07-2800:00:00
Marcin Wiazowski
www.zerodayinitiative.com
48

0.001 Low

EPSS

Percentile

32.4%

JSON

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

Related

zdi 19
prion 1
mscve 1
cvelist 1
cnvd 1
nvd 1
cve 1
mskb 13
nessus 9
kaspersky 2
openvas 8
rapid7blog 1
zdi
zdi
Microsoft Windows Canonical Display Driver DrvTextOut Untrusted Pointer Dereference Privilege Escalation Vulnerability
2021-08-26 00:00:00
Microsoft Windows Canonical Display Driver DrvStrokePath NULL Pointer Dereference Privilege Escalation Vulnerability
2021-08-26 00:00:00
Microsoft Windows Canonical Display Driver DrvStretchBltROPInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability
2021-08-26 00:00:00
prion
prion
Privilege escalation
2021-07-14 18:15:00
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2021-07-13 07:00:00
cvelist
cvelist
CVE-2021-34516 Win32k Elevation of Privilege Vulnerability
2021-07-14 17:54:31
cnvd
cnvd
Microsoft Windows/Windows Server Elevation of Privilege Vulnerability (CNVD-2021-66089)
2021-07-15 00:00:00
nvd
nvd
CVE-2021-34516
2021-07-14 18:15:12
cve
cve
CVE-2021-34516
2021-07-14 18:15:12
mskb
mskb
July 13, 2021—KB5004299 (Security-only update)
2021-07-13 07:00:00
July 13, 2021—KB5004305 (Monthly Rollup)
2021-07-13 07:00:00
July 13, 2021—KB5004289 (Monthly Rollup)
2021-07-13 07:00:00
nessus
nessus
KB5004305: Windows Server 2008 Security Update (July 2021)
2021-07-13 00:00:00
KB5004307: Windows 7 and Windows Server 2008 R2 Security Update (July 2021)
2021-07-13 00:00:00
KB5004302: Windows Server 2012 Security Update (July 2021)
2021-07-13 00:00:00
kaspersky
kaspersky
KLA12226 Multiple vulnerabilities in Microsoft Products (ESU)
2021-07-13 00:00:00
KLA12221 Multiple vulnerabillities in Microsoft Windows
2021-07-13 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5004298)
2021-07-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5004289)
2021-07-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5004305)
2021-07-14 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - July 2021
2021-07-13 20:56:26

0.001 Low

EPSS

Percentile

32.4%

JSON
Related for ZDI-21-895
zdi19prion1mscve1cvelist1cnvd1nvd1cve1mskb13nessus9kaspersky2openvas8rapid7blog1