CVE-2021-31168 — Vulnetix

CVE-2021-31168 PUBLISHED CVSS 7.800000190734863 HIGH

Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31169, CVE-2021-31208.

EPSS 0.33% · 56.3th percentile

Risk Scores

CVSS 3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

EPSS Score

0.33%

56.3th percentile

Affected Products

Vendor	Product	Versions
microsoft	windows_10	20h2, 2004
Microsoft	Windows Server version 2004	10.0.0
Microsoft	Windows 10 Version 2004	10.0.0
Microsoft	Windows 10 Version 20H2	10.0.0
microsoft	windows_server_2016	20h2, 2004
Microsoft	Windows Server version 20H2	10.0.0

Exploit Intelligence

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31168 (circl)
http://packetstormsecurity.com/files/162556/Windows-Container-Manager-Service-CmsRpcSrv_MapVirtualDiskToContainer-Privilege-Escalation.html (circl)
exploit_cve_2021_31166.yar (github-yara)
exploit_cve_2021_31166.yar (github-yara)
exploit_cve_2021_31166.yar (github-yara)
exploit_cve_2021_31166.yar (github-yara)
exploit_cve_2021_31166.yar (github-yara)
exploit_cve_2021_31166.yar (github-yara)
exploit_cve_2021_31166.yar (github-yara)
exploit_cve_2021_31166.yar (github-yara)

…and 32 more exploits

Timeline

May 11, 2021 CVE Published
May 12, 2021 EPSS Score
May 15, 2021 EPSS Score
Jul 15, 2021 EPSS Score
Sep 23, 2021 PoC Published
Nov 15, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Jan 16, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Mar 19, 2022 EPSS Score
Jul 21, 2022 EPSS Score
Sep 21, 2022 EPSS Score

References

Open in Interactive Console →