Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2021-38624

Опубликовано: 14 сент. 2021
Источник: msrc
CVSS3: 6.5
EPSS Низкий

Описание

Windows Key Storage Provider Security Feature Bypass Vulnerability

FAQ

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

A successful attacker could bypass the Windows Key Storage Provider which issues key certificates for trust in attestation scenarios.

Обновления

ПродуктСтатьяОбновление
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems

Показывать по

Возможность эксплуатации

Publicly Disclosed

No

Exploited

No

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 64%
0.00473
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVSS3: 6.5
nvd
почти 4 года назад

Windows Key Storage Provider Security Feature Bypass Vulnerability

CVSS3: 6.5
github
около 3 лет назад

Windows Key Storage Provider Security Feature Bypass Vulnerability

CVSS3: 6.5
fstec
почти 4 года назад

Уязвимость службы Key Storage Provider (KSP) операционной системы Microsoft Windows, позволяющая нарушителю обойти процесс аутентификации

EPSS

Процентиль: 64%
0.00473
Низкий

6.5 Medium

CVSS3