Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
1

CVE-2021-31956

Exploited in the Wild
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Windows NTFS Elevation of Privilege Vulnerability
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The team at Kaspersky have reported threat actors are exploiting this Microsoft Windows OS kernel vulnerability

Source: https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Exploited in the Wild

Reported by:
Reported: June 08, 2021 6:54pm UTC (4 days ago)

Additional Info

Technical Analysis