CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Nov 17, 2021

CVE-2021-36955

High

EPSS 20.6%CISA KEVRansomware

Description

Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

20.6%

Higher than 95.5% of all CVEs

https://nvd.nist.gov/vuln/detail/CVE-2021-36955

HIGH

In CISA KEV

Ransomware

Published

Nov 3, 2021

Added to KEV

Nov 3, 2021

Remediation Due

Nov 17, 2021

Microsoft

Windows