CVE-2022-21882

ENISA EUVD: EUVD-2022-27038 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 5, 2026 1 article Published: 2022-01-11

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

89.11%

probability

This CVE has a 89.11% probability of being exploited in the next 30 days.

0% Top 99.5th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

HIGH

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Unproven

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CVSS v2 (legacy)

7.2

HIGH

Access Vector

Local

Access Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Description

NVD

Win32k Elevation of Privilege Vulnerability

Affected Products

Microsoft

Windows 10 Version 1809

10.0.17763.0

Microsoft

Windows 10 Version 1809

10.0.0

Microsoft

Windows Server 2019

10.0.17763.0

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0

Microsoft

Windows 10 Version 1909

10.0.0

microsoft

windows 10 1809

microsoft

windows 10 1909

microsoft

windows 10 20h2

microsoft

windows 10 21h1

microsoft

windows 10 21h2

Microsoft

Windows 10 Version 20H2

10.0.0 <10.0.19042.1466

Microsoft

Windows 10 Version 1809

10.0.0 <10.0.17763.2452

Microsoft

Windows 10 Version 1809

10.0.17763.0 <10.0.17763.2452

Microsoft

Windows 10 Version 21H1

10.0.0 <10.0.19043.1466

Microsoft

Windows 10 Version 21H2

10.0.19043.0 <10.0.19044.1466

Microsoft

Windows 11 version 21H2

10.0.0 <10.0.22000.434

Microsoft

Windows Server 2019

10.0.17763.0 <10.0.17763.2452

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0 <10.0.17763.2452

Microsoft

Windows Server version 20H2

10.0.0 <10.0.19042.1466

Microsoft

Windows 10 Version 1909

10.0.0 <10.0.18363.2037

Microsoft

Windows Server 2022

10.0.20348.0 <10.0.20348.469

Attack Intelligence

CWE-118 · Incorrect Access of Indexable Resource ('Range Error') CWE-119 · Buffer Overflow CWE-664 · Improper Control of a Resource Through its Lifetime CWE-787 · Out-of-bounds Write

Google Project Zero

Patched

Jan. 11, 2022

Reported by

Big CJTeam of Tianfu Cup & RyeLv (@b2ahex)

Root Cause Analysis

https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-21882.html

Exploits & PoC

KaLendsi/CVE-2022-21882

win32k LPE

462 2022-01-27

L4ys/CVE-2022-21882

195 2022-02-04

sailay1996/cve-2022-21882-poc

lpe poc for cve-2022-21882

49 2022-02-07

David-Honisch/CVE-2022-21882

CVE-2022-21882

8 2022-02-01

r1l4-i3pur1l4/CVE-2022-21882

6 2022-02-15

5 repos — triés par ⭐ Rechercher sur GitHub ↗

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21882

vendor-advisory

Signal Intelligence

Confidenceⓘ

95%

EPSS 89.11%

CVSS v3.1 7

Mentions 1

CNA Information

CNA Assigner

microsoft

CNA Title

Win32k Elevation of Privilege Vulnerability

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Threat Actors 1

Lazarus Group

apt_group Information theft and espionage 🇰🇵 KP

Triage Info

Decided atMar 05, 2026

Published DateJan 11, 2022