Vulnerability Details : CVE-2021-36955
Used for ransomware!
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Vulnerability category: Gain privilege
CVE-2021-36955 is in the CISA Known Exploited Vulnerabilities Catalog
This issue is known to have been leveraged as part of a ransomware campaign.
CISA vulnerability name:
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2021-36955
Added on
2021-11-03
Action due date
2021-11-17
Exploit prediction scoring system (EPSS) score for CVE-2021-36955
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 32 %
Percentile, the proportion of vulnerabilities that are scored at or less