CVE-2021-33771

ENISA EUVD: EUVD-2021-20448 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 5, 2026 5 articles Published: 2021-07-14

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

6.52%

probability

This CVE has a 6.52% probability of being exploited in the next 30 days.

0% Top 91.2th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

7.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Functional

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

CVSS v2 (legacy)

7.2

HIGH

Access Vector

Local

Access Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Description

NVD

Windows Kernel Elevation of Privilege Vulnerability

Affected Products

Microsoft

Windows 10 Version 1809

10.0.0

Microsoft

Windows Server 2019

10.0.0

Microsoft

Windows Server 2019 (Server Core installation)

10.0.0

Microsoft

Windows 10 Version 1909

10.0.0

Microsoft

Windows 10 Version 21H1

10.0.0

microsoft

windows 10 1507

microsoft

windows 10 1607

microsoft

windows 10 1809

microsoft

windows 10 1909

microsoft

windows 10 2004

Microsoft

Windows 10 Version 20H2

10.0.0 <10.0.19042.1110

Microsoft

Windows 10 Version 21H1

10.0.0 <10.0.19043.1110

Microsoft

Windows Server 2016

10.0.0 <10.0.14393.4530

Microsoft

Windows 10 Version 1607

10.0.0 <10.0.14393.4530

Microsoft

Windows Server version 20H2

10.0.0 <10.0.19042.1110

Microsoft

Windows Server 2012 R2

6.3.0 <6.3.9600.20069

Microsoft

Windows 10 Version 1909

10.0.0 <10.0.18363.1679

Microsoft

Windows 10 Version 1507

10.0.0 <10.0.10240.19003

Microsoft

Windows Server 2019 (Server Core installation)

10.0.0 <10.0.17763.2061

Microsoft

Windows Server 2016 (Server Core installation)

10.0.0 <10.0.14393.4530

Microsoft

Windows Server 2019

10.0.0 <10.0.17763.2061

Microsoft

Windows 10 Version 2004

10.0.0 <10.0.19041.1110

Microsoft

Windows 8.1

6.3.0 <6.3.9600.20069

Microsoft

Windows Server 2012 R2 (Server Core installation)

6.3.0 <6.3.9600.20069

Microsoft

Windows Server version 2004

10.0.0 <10.0.19041.1110

Microsoft

Windows 10 Version 1809

10.0.0 <10.0.17763.2061

Google Project Zero

Patched

July 13, 2021

Reported by

Microsoft Threat Intelligence Center (MSTIC)/ Microsoft Security Response Center (MSRC)

Root Cause Analysis

???

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33771

x_refsource_MISC

Signal Intelligence

Confidenceⓘ

95%

EPSS 6.52%

CVSS v3.1 7.8

Mentions 5

Last Seen Nov 09, 2021

CNA Information

CNA Assigner

microsoft

CNA Title

Windows Kernel Elevation of Privilege Vulnerability

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Triage Info

Decided atMar 05, 2026

Published DateJul 14, 2021