CVE-2021-38624 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-38624 PUBLISHED CVSS 6.5 MEDIUM

Windows Key Storage Provider Security Feature Bypass Vulnerability

EPSS 0.39% · 60.0th percentile

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C

EPSS Score

0.39%

60.0th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Windows 10 Version 20H2	10.0.0
Microsoft	Windows Server 2019	10.0.0
Microsoft	Windows 10 Version 1809	10.0.0
Microsoft	Windows 11 version 21H2	10.0.0
Microsoft	Windows Server 2022	10.0.0
Microsoft	Windows Server 2019 (Server Core installation)	10.0.0
microsoft	windows_server_2016	2004, 20h2
Microsoft	Windows 10 Version 1909	10.0.0
microsoft	windows_server_2022
Microsoft	Windows Server version 20H2	10.0.0
Microsoft	Windows Server version 2004	10.0.0
microsoft	windows_server_2019
Microsoft	Windows 10 Version 2004	10.0.0
microsoft	windows_10	2004, 20h2, *
Microsoft	Windows 10 Version 21H1	10.0.0

Timeline

Jul 2, 2021 PoC Published
Sep 15, 2021 CVE Published
Sep 16, 2021 EPSS Score
Sep 23, 2021 PoC Published
Sep 28, 2021 EPSS Score
Nov 12, 2021 EPSS Score
Jan 8, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Mar 6, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Aug 24, 2022 EPSS Score

References

Open in Interactive Console →