KEV · Actively exploited
CVE-2021-31166
CRITICAL 9.8
KEV
HTTP Protocol Stack Remote Code Execution Vulnerability
EPSS
93.07%
exploit likely
percentile 99.8%
CISA Known Exploited Vulnerability
- Added to KEV
- 2022-04-06
- Remediation deadline
- 2022-04-27
- Required action
- Apply updates per vendor instructions.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows 10 20H2 · 2020-H2 10.0.19042.982 Windows 10 2004 · 2020-04 10.0.19041.982