Common Vulnerabilities and Exposures

CVE Vulnerability Data CVE-2021-28349

CVE-2021-28349

Summary

Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28348, CVE-2021-28350.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28349

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*

CVSS v3.1

Base: 7.8 (as of 20-04-2021 - 13:59)
Impact: 5.9
Exploitability: 1.8

Access

Vector Complexity Authentication
LOCAL LOW NONE

Impact

Confidentiality Integrity Availability
PARTIAL PARTIAL PARTIAL

Impact v3.1

Confidentiality Integrity Availability
HIGH HIGH HIGH

Last major update 20-04-2021 - 13:59
Published 13-04-2021 - 20:15
Last modified 20-04-2021 - 13:59

Related Articles