CVE-2021-34439 Microsoft Windows Media Foundation Remote Code Execution Vulnerability

🗓️ 16 Jul 2021 20:19:32Reported by microsoftType

Microsoft Windows Media Foundation Remote Code Execution Vulnerability CVE-2021-3443

Reporter	Title	Published	Views	Family All 20
BDU FSTEC	The vulnerability of the Media Foundation component in Microsoft Windows operating systems allows a hacker to execute arbitrary code.	4 Jan 202200:00	–	bdu_fstec
CNNVD	Microsoft Windows Media Foundation 代码注入漏洞	13 Jul 202100:00	–	cnnvd
CNVD	Microsoft Windows/Windows Server Remote Code Execution Vulnerability (CNVD-2021-62479)	15 Jul 202100:00	–	cnvd
CVE	CVE-2021-34439	16 Jul 202120:19	–	cve
EUVD	EUVD-2021-21094	7 Oct 202500:30	–	euvd
Microsoft KB	July 13, 2021—KB5004238 (OS Build 14393.4530) - EXPIRED	13 Jul 202107:00	–	mskb
Microsoft KB	July 13, 2021—KB5004249 (OS Build 10240.19003) - EXPIRED	13 Jul 202107:00	–	mskb
Kaspersky	KLA12221 Multiple vulnerabillities in Microsoft Windows	13 Jul 202100:00	–	kaspersky
Microsoft CVE	Microsoft Windows Media Foundation Remote Code Execution Vulnerability	13 Jul 202107:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Windows	13 Jul 202100:00	–	ncsc

[
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 1507",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19003:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19003:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.10240.19003",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 1607",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4530:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4530:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.14393.4530",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2016",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.14393.4530",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2016 (Server Core installation)",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.14393.4530",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34439

28 Dec 2023 22:37Current

8.4High risk

Vulners AI Score8.4

CVSS 3.17.8

EPSS0.02495