CVE-2021-34448
ENISA EUVD: EUVD-2021-21103 ↗
Exploited in the Wild
✓ Confirmed 0-Day
★ Google Project Zero
Triaged: March 5, 2026
4 articles
Published: 2021-07-16
EPSS Score
Source: FIRST.org · 2026-05-23
2.03%
probability
This CVE has a 2.03% probability
of being exploited in the next 30 days.
0%
Top 84.0th percentile of all CVEs
100%
CVSS v3.1
Source: VulnerabilityLookup (CIRCL)6.8
MEDIUM
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Temporal
Exploit Code Maturity
Functional
Remediation Level
Official Fix
Report Confidence
Confirmed
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
CVSS v2 (legacy)
9.3
HIGH
Access Vector
Network
Access Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
AV:N/AC:M/Au:N/C:C/I:C/A:C
Description
NVDScripting Engine Memory Corruption Vulnerability
Affected Products
Microsoft
Windows 10 Version 1809
10.0.0
Microsoft
Windows Server 2019
10.0.0
Microsoft
Windows 10 Version 1909
10.0.0
Microsoft
Windows 10 Version 21H1
10.0.0
Microsoft
Windows 10 Version 2004
10.0.0
Attack Intelligence
Google Project Zero
Patched
July 13, 2021
Reported by
yangkang(@dnpushme)&bianliang&wanggang&lihongfei of 360 ATA
Root Cause Analysis
???
Signal Intelligence
Confidence
95%
EPSS
2.03%
CVSS v3.1
6.8
Mentions
4
Last Seen
Nov 09, 2021
CNA Information
CNA Assigner
microsoft
CNA Title
Scripting Engine Memory Corruption Vulnerability
Analyst Note
Auto-imported from Google Project Zero — confirmed zero-day by definition.
Triage Info
Decided atMar 05, 2026
Published DateJul 16, 2021