VDB
CVE-2021-43637
CVE-2021-43637
PUBLISHED
CVSS 8.800000190734863 HIGH
Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
EPSS 0.08% · 22.8th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
0.08%
22.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| amazon | workspaces | 0 |
Timeline
- Dec 7, 2021 CVE Published
- Dec 8, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 1, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 21, 2022 EPSS Score
- Jul 15, 2022 EPSS Score
- Sep 8, 2022 EPSS Score
- Nov 2, 2022 EPSS Score
- Dec 26, 2022 EPSS Score
- Feb 19, 2023 EPSS Score
References
- https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ url
- https://nvd.nist.gov/vuln/detail/CVE-2021-43637 advisory
- https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services url