KEV · Actively exploited
CVE-2021-31956
HIGH 7.8
KEV
Windows NTFS Elevation of Privilege Vulnerability
EPSS
88.71%
exploit likely
percentile 99.5%
CISA Known Exploited Vulnerability
- Added to KEV
- 2021-11-03
- Remediation deadline
- 2021-11-17
- Required action
- Apply updates per vendor instructions.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2019 (Server Core installation) 10.0.17763.1999 Windows Server 2019 10.0.17763.1999 Windows Server 2016 (Server Core installation) 10.0.14393.4467 Windows Server 2016 10.0.14393.4467 Windows 10 21H1 · 2021-H1 10.0.19043.1052 Windows 10 20H2 · 2020-H2 10.0.19042.1052 Windows 10 2004 · 2020-04 10.0.19041.1052 Windows 10 1909 · 2019-09 10.0.18363.1621 Windows 10 1809 · 2018-09 10.0.17763.1999 Windows 10 1607 · 2016-07 10.0.14393.4467