CNVD-2021-48427

Vulnerability from cnvd - Published: 2021-07-07
VLAI Severity ?
Title
Microsoft Windows Print Spooler权限提升漏洞
Description
Windows Print Spooler是Windows的打印机后台处理程序 Microsoft Windows Print Spooler存在权限提升漏洞。攻击者可利用该漏洞提升权限。
Severity
Patch Name
Microsoft Windows Print Spooler权限提升漏洞的补丁
Patch Description
Windows Print Spooler是Windows的打印机后台处理程序 Microsoft Windows Print Spooler存在权限提升漏洞。攻击者可利用该漏洞提升权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1675

Impacted products
Name
['Microsoft Corporation Windows RT 8.1', 'Microsoft Corporation Windows Server 2012', 'Microsoft Corporation Windows Server 2016', 'Microsoft Corporation Windows Server 2012 R2', 'Microsoft Corporation Windows 7 for x64-based Systems SP1', 'Microsoft Corporation Windows 7 for 32-bit Systems SP1', 'Microsoft Corporation Windows 10 for 32-bit Systems', 'Microsoft Corporation Windows Server 2019', 'Microsoft Corporation Windows Server 20H2 (Server Core Insta', 'Microsoft Corporation Windows Server 2004 (Server Core insta', 'Microsoft Corporation Windows Server 2012 R2 (Server Core in', 'Microsoft Corporation Windows Server 2012 (Server Core insta', 'Microsoft Corporation Windows Server 2016 (Server Core Insta', 'Microsoft Corporation Windows Server 2019 (Server Core Insta', 'Microsoft Corporation Windows 10 21H1 for x64-based Systems', 'Microsoft Corporation Windows 10 1607 for x64-based Systems', 'Microsoft Corporation Windows 10 1909 for x64-based Systems', 'Microsoft Corporation Windows 10 for x64-based Systems', 'Microsoft Corporation Windows 10 20H2 for x64-based Systems', 'Microsoft Corporation Windows 10 2004 for x64-based Systems', 'Microsoft Corporation Windows 10 2004 for 32-bit Systems', 'Microsoft Corporation Windows 10 21H1 for 32-bit Systems', 'Microsoft Corporation Windows 10 20H2 for 32-bit Systems', 'Microsoft Corporation Windows 8.1 for x64-based systems', 'Microsoft Corporation Windows 10 20H2 for ARM64-based Systems', 'Microsoft Corporation Windows 10 1909 for 32-bit Systems', 'Microsoft Corporation Windows 10 1607 for 32-bit Systems', 'Microsoft Corporation Windows Server 2008 for x64-based Syst', 'Microsoft Corporation Windows 10 1909 for ARM64-based Systems', 'Microsoft Corporation Windows 8.1 for 32-bit systems', 'Microsoft Corporation Windows Server 2008 R2 for x64-based S', 'Microsoft Corporation Windows Server 2008 for 32-bit Systems', 'Microsoft Corporation Windows 10 21H1 for ARM64-based Systems', 'Microsoft Corporation Windows 10 2004 for ARM64-based Systems']
Show details on source website
To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-1675",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-1675"
    }
  },
  "description": "Windows Print Spooler\u662fWindows\u7684\u6253\u5370\u673a\u540e\u53f0\u5904\u7406\u7a0b\u5e8f\n\nMicrosoft Windows Print Spooler\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1675",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-48427",
  "openTime": "2021-07-07",
  "patchDescription": "Windows Print Spooler\u662fWindows\u7684\u6253\u5370\u673a\u540e\u53f0\u5904\u7406\u7a0b\u5e8f\r\n\r\nMicrosoft Windows Print Spooler\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows Print Spooler\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Corporation Windows RT 8.1",
      "Microsoft Corporation Windows Server 2012",
      "Microsoft Corporation Windows Server 2016",
      "Microsoft Corporation Windows Server 2012 R2",
      "Microsoft Corporation Windows 7 for x64-based Systems SP1",
      "Microsoft Corporation Windows 7 for 32-bit Systems SP1",
      "Microsoft Corporation Windows 10 for 32-bit Systems",
      "Microsoft Corporation Windows Server 2019",
      "Microsoft Corporation Windows Server 20H2 (Server Core Insta",
      "Microsoft Corporation Windows Server 2004 (Server Core insta",
      "Microsoft Corporation Windows Server 2012 R2 (Server Core in",
      "Microsoft Corporation Windows Server 2012 (Server Core insta",
      "Microsoft Corporation Windows Server 2016 (Server Core Insta",
      "Microsoft Corporation Windows Server 2019 (Server Core Insta",
      "Microsoft Corporation Windows 10 21H1 for x64-based Systems",
      "Microsoft Corporation Windows 10 1607 for x64-based Systems",
      "Microsoft Corporation Windows 10 1909 for x64-based Systems",
      "Microsoft Corporation Windows 10 for x64-based Systems",
      "Microsoft Corporation Windows 10 20H2 for x64-based Systems",
      "Microsoft Corporation Windows 10 2004 for x64-based Systems",
      "Microsoft Corporation Windows 10 2004 for 32-bit Systems",
      "Microsoft Corporation Windows 10 21H1 for 32-bit Systems",
      "Microsoft Corporation Windows 10 20H2 for 32-bit Systems",
      "Microsoft Corporation Windows 8.1 for x64-based systems",
      "Microsoft Corporation Windows 10 20H2 for ARM64-based Systems",
      "Microsoft Corporation Windows 10 1909 for 32-bit Systems",
      "Microsoft Corporation Windows 10 1607 for 32-bit Systems",
      "Microsoft Corporation Windows Server 2008 for x64-based Syst",
      "Microsoft Corporation Windows 10 1909 for ARM64-based Systems",
      "Microsoft Corporation Windows 8.1 for 32-bit systems",
      "Microsoft Corporation Windows Server 2008 R2 for x64-based S",
      "Microsoft Corporation Windows Server 2008 for 32-bit Systems",
      "Microsoft Corporation Windows 10 21H1 for ARM64-based Systems",
      "Microsoft Corporation Windows 10 2004 for ARM64-based Systems"
    ]
  },
  "serverity": "\u9ad8",
  "submitTime": "2021-07-07",
  "title": "Microsoft Windows Print Spooler\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.