CVE-2021-34481 Windows Print Spooler Remote Code Execution Vulnerability
1 min readCVE-2021-34481 Windows Print Spooler Remote Code Execution Vulnerability
Published Date: 15 July 2021
Last updated: 10 Aug 2021
Impact/Risk
- Base Score 7.8 (High)
- Impact Score 5.9
- Impact change from an elevation of privilege to remote code execution (10 Aug 2021)
- Exploitability Score: 1.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Impact on Confidentiality: High
- Integrity: High
- Availability: High
- Exploit Code Maturity: Functional
Solution:
- Microsoft PAtch
- KB5005652—Manage new Point and Print default driver installation behavior (CVE-2021-34481)
Impacted OS:
- Win 10
- Win 7 sp1
- Win 8.1
- Windows rt 8.1
- Windows Server 2008
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
CWE
- CWE-269 http://cwe.mitre.org/data/definitions/269.html
- CWE Name: Improper Privilege Management