Published: 13/04/2021 Updated: 29/12/2023

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft visual studio 2015
microsoft windows 10 1803
microsoft windows server 2019 -
microsoft windows 10 1809
microsoft windows server 2016 1909
microsoft windows 10 1909
microsoft windows 10 2004
microsoft windows server 2016 2004
microsoft visual studio 2017
microsoft windows 10 20h2
microsoft windows server 2016 20h2
microsoft visual studio 2019

Proof of concept code about the Microsoft Diaghub case sensitivity Elevation of Privileges vulnerability

Microsoft DiagHub case-sensitivity Elevation of Privileges (EoP) vulnerability Abstract The Microsoft (R) Diagnostics Hub Standard Collector Service is a default component of Microsoft Windows operating system This report is about a flaw in the Diagnostics Hub Standard Collector Service DCOM class that is available to all users of the OS (includes NT AUTHORITY\Authenticated Us

CWE-59 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28321 http://seclists.org/fulldisclosure/2021/Apr/40 http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html https://nvd.nist.gov https://github.com/irsl/microsoft-diaghub-case-sensitivity-eop-cve

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-28321

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect