CVE-2021-40450

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-40450
Win32k Elevation of Privilege Vulnerability

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40450 Patch Vendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40450 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
History

07 Mar 2025, 21:54

Type Values Removed Values Added
References (MISC) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40450 - Patch, Vendor Advisory () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40450 - Patch, Vendor Advisory
CVSS v2 : 4.6
v3 : 7.8 		v2 : 4.6
v3 : unknown

02 Jul 2024, 17:03

Type Values Removed Values Added
CPE cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*		 cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*
First Time Microsoft windows 10 2004
Microsoft windows Server 2004
Microsoft windows 11 21h2
Microsoft windows 10 21h1
Microsoft windows 10 20h2
Microsoft windows 10 1809
Microsoft windows 10 1909
Microsoft windows Server 20h2

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE CWE-269 NVD-CWE-noinfo

01 Aug 2023, 23:15

Type Values Removed Values Added
Summary Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-41357. Win32k Elevation of Privilege Vulnerability
Information

Published : 2021-10-13 01:15

Updated : 2025-03-07 21:54

NVD link : CVE-2021-40450

Mitre link : CVE-2021-40450

JSON object : View

Products Affected

microsoft

  • windows_11_21h2
  • windows_10_21h1
  • windows_server_20h2
  • windows_server_2019
  • windows_10_1909
  • windows_server_2022
  • windows_10_20h2
  • windows_server_2004
  • windows_10_1809
  • windows_10_2004
CWE
NVD-CWE-noinfo