CVE-2021-33771
Published: 14 July 2021
Summary
CVE-2021-33771 is a high-severity vulnerability in Microsoft Windows Server 2008; the underlying weakness type (CWE) is not specified. Its CVSS base score is 7.8 (High).
Operationally, it is ranked in the top 8.7% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2021-33771 is a Windows Kernel Elevation of Privilege Vulnerability affecting the Windows kernel component. It carries a CVSS 3.1 base score of 7.8 with an attack vector of local access, low attack complexity, low privileges required, and no user interaction, resulting in high impact to confidentiality, integrity, and availability.
An attacker with local access and limited privileges can exploit the flaw to escalate privileges on the affected system, potentially obtaining full control over the Windows kernel and its resources.
Microsoft security advisories referenced at portal.msrc.microsoft.com provide guidance on available patches, while the CISA Known Exploited Vulnerabilities catalog entry confirms the issue has been observed in active exploitation.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-20448
Vulnerability details
Windows Kernel Elevation of Privilege Vulnerability
- CWE(s)
- KEV Date Added: 03 November 2021
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- AC-6 (Least Privilege): directly counters the low-privilege local escalation path by restricting accounts and processes to only the rights needed for their function.
- SI-2 (Flaw Remediation): requires timely application of the vendor patches referenced in the MSRC advisory to eliminate the kernel flaw before exploitation.
- Enforces kernel-level access decisions that the vulnerability bypasses, limiting the ability of unprivileged code to obtain unauthorized rights.