Archive 01/12/2021

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product »

Grouping vulnerabilities by product helps to get an overview. This makes it possible to identify a homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. Remediation comes in multiple forms and levels, which influence risks differently.

Exploitability »

Researchers and attackers who are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine the simplicity and strength of attacks.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temporal ("temp") scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price for an exploit, before it was distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price reflects price impacts like disclosure of vulnerability details, alternative exploits, and availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

| ID | Base | Temp | Vulnerability | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 167709 | 7.3 | 6.3 | Microsoft Windows Win32k privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1709 |
| 167708 | 7.8 | 6.8 | Microsoft Windows WalletService privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1690 |
| 167707 | 7.8 | 6.8 | Microsoft Windows WalletService privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1687 |
| 167706 | 7.8 | 6.8 | Microsoft Windows WalletService privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1686 |
| 167705 | 7.8 | 6.8 | Microsoft Windows WalletService privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.04 | CVE-2021-1681 |
| 167704 | 7.0 | 6.1 | Microsoft Windows WLAN Service privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1646 |
| 167703 | 8.3 | 7.2 | Microsoft Windows Update Stack privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1694 |
| 167702 | 7.8 | 6.8 | Microsoft Windows Runtime C++ Template Library privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1650 |
| 167701 | 7.8 | 6.8 | Microsoft Windows RPC Runtime privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1702 |
| 167700 | 8.8 | 7.7 | Microsoft Windows RDP authorization | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1669 |
| 167699 | 8.8 | 7.7 | Microsoft Windows RDP Core Remote Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.09 | CVE-2021-1674 |
| 167698 | 5.5 | 4.8 | Microsoft Windows Projected File System FS Filter Driver information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.05 | CVE-2021-1672 |
| 167697 | 5.5 | 4.8 | Microsoft Windows File System FS Filter Driver information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.04 | CVE-2021-1670 |
| 167696 | 5.5 | 4.8 | Microsoft Windows Projected File System FS Filter Driver information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.06 | CVE-2021-1663 |
| 167695 | 7.8 | 6.8 | Microsoft Windows Print Spooler privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1695 |
| 167694 | 4.8 | 4.2 | Microsoft Windows NT Lan Manager Datagram Receiver Driver information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.06 | CVE-2021-1676 |
| 167693 | 7.8 | 6.8 | Microsoft Windows Multipoint Management privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1689 |
| 167692 | 7.8 | 6.8 | Microsoft Windows LUAFV privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1706 |
| 167691 | 7.3 | 6.3 | Microsoft Windows Kernel privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.04 | CVE-2021-1682 |
| 167690 | 7.8 | 6.8 | Microsoft Windows Installer privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1661 |
| 167689 | 7.8 | 6.8 | Microsoft Windows InstallService privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1697 |
| 167688 | 7.5 | 6.5 | Microsoft Windows Hyper-V privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1704 |
| 167687 | 5.1 | 4.5 | Microsoft Windows Graphics information disclosure | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1696 |
| 167686 | 5.0 | 4.4 | Microsoft Windows GDI+ information disclosure | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1708 |
| 167685 | 7.3 | 6.4 | Microsoft Windows Fax Compose Form privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1657 |
| 167684 | 7.8 | 6.8 | Microsoft Windows Event Tracing privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1662 |
| 167683 | 7.8 | 6.8 | Microsoft Windows Event Logging Service privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1703 |
| 167682 | 5.2 | 4.5 | Microsoft Windows Docker information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.05 | CVE-2021-1645 |
| 167681 | 5.5 | 4.8 | Microsoft Windows DNS Query information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.11 | CVE-2021-1637 |
| 167680 | 6.5 | 5.7 | Microsoft Windows CryptoAPI denial of service | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.07 | CVE-2021-1679 |
| 167679 | 7.8 | 6.8 | Microsoft Windows CSC Service privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1693 |
| 167678 | 7.8 | 6.8 | Microsoft Windows CSC Service privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 2.01 | CVE-2021-1688 |
| 167677 | 7.8 | 6.8 | Microsoft Windows CSC Service privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.15 | CVE-2021-1659 |
| 167676 | 7.8 | 6.8 | Microsoft Windows CSC Service privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1655 |
| 167675 | 7.8 | 6.8 | Microsoft Windows CSC Service privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1654 |
| 167674 | 7.8 | 6.8 | Microsoft Windows CSC Service privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1653 |
| 167673 | 7.8 | 6.8 | Microsoft Windows CSC Service privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-1652 |
| 167672 | 6.4 | 5.6 | Microsoft Windows Bluetooth authorization | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1638 |
| 167671 | 4.4 | 3.9 | Microsoft Windows Bluetooth information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.05 | CVE-2021-1684 |
| 167670 | 5.2 | 4.5 | Microsoft Windows Bluetooth information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 2.16 | CVE-2021-1683 |
| 167669 | 7.5 | 6.5 | Microsoft Windows AppX Deployment Extensions privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 2.20 | CVE-2021-1685 |
| 167668 | 7.8 | 6.8 | Microsoft Windows AppX Deployment Extensions privileges management | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1642 |
| 167667 | 4.8 | 4.2 | Microsoft Windows modem.sys information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.05 | CVE-2021-1699 |
| 167666 | 6.0 | 5.3 | Microsoft Visual Studio cross site scripting | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.06 | CVE-2020-26870 |
| 167665 | 5.5 | 4.8 | Microsoft Windows TPM Device Driver information disclosure | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.41 | CVE-2021-1656 |
| 167664 | 8.8 | 7.7 | Microsoft Windows RPC Runtime Remote Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.07 | CVE-2021-1701 |
| 167663 | 8.8 | 7.7 | Microsoft Windows RPC Runtime Remote Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.04 | CVE-2021-1700 |
| 167662 | 8.8 | 7.7 | Microsoft Windows RPC Runtime Remote Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.00 | CVE-2021-1673 |
| 167661 | 8.8 | 7.7 | Microsoft Windows RPC Runtime Remote Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.05 | CVE-2021-1671 |
| 167660 | 8.8 | 7.7 | Microsoft Windows RPC Runtime Remote Privilege Escalation | $100k and more | $25k-$100k | Unproven | Official Fix | 0.04 | CVE-2021-1667 |
