- Description
- An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Data from CISA
- Vulnerability name
- Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability
- Exploit added on
- Nov 3, 2021
- Exploit action due
- May 3, 2022
- Required action
- Apply updates per vendor instructions.
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "B98DB3FF-CC3B-4E9F-A9CC-EC4C89AF3B31"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "8733BF37-7BF2-409D-9452-DA8A92DA1124"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "555C22C7-356D-4DA7-8CED-DA7423BBC6CF"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "469F95D3-ABBB-4F1A-A000-BE0F6BD60FF6"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "D76003FB-EE99-4D8E-B6A0-B13C2041E5A0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "40151476-C0FD-4336-8194-039E8827B7C8"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "D82F8AF7-ED01-4649-849E-F248F0E02384"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "C1CFB53B-B17B-47BD-BAC1-C6C5D168FFB6"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "73D24713-D897-408D-893B-77A61982597D"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "9E1ED169-6F03-4BD5-B227-5FA54DB40AD7"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "5C5B5180-1E12-45C2-8275-B9E528955307"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "B6A0DB01-49CB-4445-AFE8-57C2186857BA"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "FD3218D1-BE39-4CEB-A88F-E715B722862B"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "FFE3495D-291C-46B6-B758-23E16A53A7C3"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",
"vulnerable": true,
"matchCriteriaId": "B320A104-9037-487E-BC9A-62B4A6B49FD0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
}
],
"operator": "OR"
}
]
}
]