Summaryinfo

A vulnerability labeled as critical has been found in Microsoft Windows. This vulnerability affects unknown code of the component Jet Red Database Engine/Access Connectivity Engine. The manipulation results in an unknown weakness. This vulnerability is known as CVE-2021-28455. It is possible to launch the attack remotely. No exploit is available. It is best practice to apply a patch to resolve this issue.

Detailsinfo

A vulnerability classified as critical has been found in Microsoft Windows (Operating System). Affected is an unknown part of the component Jet Red Database Engine/Access Connectivity Engine. This is going to have an impact on confidentiality, integrity, and availability.

The weakness was published 05/11/2021 as confirmed security guidance (Website). The advisory is available at portal.msrc.microsoft.com. This vulnerability is traded as CVE-2021-28455. The technical details are unknown and an exploit is not available. The structure of the vulnerability defines a possible price range of USD $5k-$25k at the moment (estimation calculated on 05/12/2021).

Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Type

• Operating System

Vendor

• Microsoft

Name

• Windows

Version

• 7 SP1
• 8.1
• 10
• 10 20H2
• 10 1607
• 10 1803
• 10 1809
• 10 1909
• 10 2004
• RT 8.1
• Server 20H2
• Server 1909
• Server 2004
• Server 2008 R2 SP1
• Server 2008 SP2
• Server 2012
• Server 2012 R2
• Server 2016
• Server 2019

License

• commercial

Website

• Vendor: https://www.microsoft.com/
• Product: https://www.microsoft.com/en-us/windows

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion