CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Feb 24, 2022
High
CISA KEVCVE-2021-36934
Microsoft—Windows
If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2021-36934
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Feb 10, 2022
- KEV Added
- Feb 10, 2022
- Due Date
- Feb 24, 2022
- Related Articles
- 0
Vendor
Microsoft
Windows