CVE-2021-1647

ENISA EUVD: EUVD-2021-7114 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 3 articles Published: 2021-01-12

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

77.39%

probability

This CVE has a 77.39% probability of being exploited in the next 30 days.

0% Top 99.0th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

7.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Proof-of-Concept

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CVSS v2 (legacy)

7.2

HIGH

Access Vector

Local

Access Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Description

NVD

Microsoft Defender Remote Code Execution Vulnerability

Affected Products

Microsoft

Microsoft System Center Endpoint Protection

N/A

Microsoft

Microsoft System Center 2012 R2 Endpoint Protection

N/A

Microsoft

Microsoft Security Essentials

N/A

Microsoft

Microsoft System Center 2012 Endpoint Protection

N/A

Microsoft

Windows Defender

N/A

microsoft

windows defender

microsoft

security essentials

microsoft

system center endpoint protection

Microsoft

Microsoft System Center 2012 Endpoint Protection

N/A

Microsoft

Microsoft Security Essentials

N/A

Microsoft

Microsoft System Center 2012 R2 Endpoint Protection

N/A

Microsoft

Microsoft System Center Endpoint Protection

N/A

Microsoft

Windows Defender

N/A

Google Project Zero

Patched

Jan. 12, 2021

Reported by

???

Root Cause Analysis

https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-1647.html

Exploits & PoC

findcool/cve-2021-1647

1 2021-01-20

1 repo — triés par ⭐ Rechercher sur GitHub ↗

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1647

vendor-advisory

Signal Intelligence

Confidenceⓘ

82%

EPSS 77.39%

CVSS v3.1 7.8

Mentions 3

Last Seen Nov 09, 2021

CNA Information

CNA Assigner

microsoft

CNA Title

Microsoft Defender Remote Code Execution Vulnerability

Analyst Note

This CVE is confirmed as a legitimate remote code execution vulnerability in Microsoft Defender with a high CVSS score (7.8). While it lacks CISA KEV listing, the inclusion in Google Project Zero and an official CERT-EU security advisory (with high signal score) provide strong corroboration of its authenticity and severity.

Triage Info

Decided atMar 03, 2026

Published DateJan 12, 2021