Summaryinfo

A vulnerability, which was classified as critical, has been found in Microsoft Windows up to Server 2019. Impacted is an unknown function of the component Graphics. Performing a manipulation results in an unknown weakness. This vulnerability is identified as CVE-2021-31170. The attack can be initiated remotely. There is not any exploit available. Applying a patch is the recommended action to fix this issue.

Detailsinfo

A vulnerability classified as critical has been found in Microsoft Windows up to Server 2019 (Operating System). This affects an unknown functionality of the component Graphics. This is going to have an impact on confidentiality, integrity, and availability.

The weakness was released 05/11/2021 as confirmed security guidance (Website). The advisory is shared at portal.msrc.microsoft.com. This vulnerability is uniquely identified as CVE-2021-31170. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 05/12/2021).

Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• Operating System

Vendor

• Microsoft

Name

• Windows

Version

• 10 20H2
• 10 1803
• 10 1809
• 10 1909
• 10 2004
• Server 20H2
• Server 1909
• Server 2004
• Server 2019

License

• commercial

Website

• Vendor: https://www.microsoft.com/
• Product: https://www.microsoft.com/en-us/windows

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion