CVE-2021-26899

Published Mar 11, 2021

Last updated a year ago

Overview

Description: Windows UPnP Device Host Elevation of Privilege Vulnerability
Source: secure@microsoft.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "084984D5-D241-497B-B118-50C6C1EAD468"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "BA592626-F17C-4F46-823B-0947D102BBD2"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:-:*",
            "vulnerable": true,
            "matchCriteriaId": "EBBC793C-D584-46DA-BCD1-2844810152B0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "897A48D7-FCA1-4560-AFBB-718AF19BA3A2"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "507EB48C-F479-424C-8ABA-C279AB4FE3F4"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:-:*",
            "vulnerable": true,
            "matchCriteriaId": "4503B88E-3ECB-4B0A-A813-077157D1EF0C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:-:*",
            "vulnerable": true,
            "matchCriteriaId": "DBE7565D-AC25-4017-B2E4-4B463D7680DB"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:-:*",
            "vulnerable": true,
            "matchCriteriaId": "6EE4C8CA-0351-499C-9E59-D31CEA7BC7B0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "85A7C1C6-7390-4B26-8FED-F067EC3DF1A0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "2E91BCB5-D0F7-4D53-BC85-D114C2D87A9C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "9D654D3A-6A99-4904-8B37-E52E80F7C85A"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "01A6D6B4-B97F-4C8C-AD09-11454F0A39CE"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66CAFDB7-9D41-4E67-AB83-5EB104551FF5"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:x86:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC633D8A-2E7A-4115-95AC-555C42F4942D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:-:*:-:*",
            "vulnerable": true,
            "matchCriteriaId": "44A1A867-3DAC-4C42-A091-E07B6672EE6F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A190388-AA82-4504-9D5A-624F23268C9F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C253A63F-03AB-41CB-A03A-B2674DEA98AA"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B60D940-80C7-49F0-8F4E-3F99AC15FA82"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Configurations

References