CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Oct 27, 2025

High

CISA KEV

CVE-2021-43226

Microsoft—Windows

Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.

Required Action

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43226 ; https://nvd.nist.gov/vuln/detail/CVE-2021-43226

Vulnerability Overview

Severity: High
CISA KEV: Yes
Ransomware: Unknown
Published: Oct 6, 2025
KEV Added: Oct 6, 2025
Due Date: Oct 27, 2025
Related Articles: 0

Vendor

Microsoft

Windows