Kaspersky LabKLA12326KLA12326 SB vulnerability in Microsoft Device
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
5.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.5%
A security feature bypass vulnerability was found in Microsoft Device. Malicious users can exploit this vulnerability to bypass security restrictions.
Original advisories
Related products
CVE list
CVE-2021-42299 unknown
Solution
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Impacts
- SB
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Affected Products
- Microsoft Surface Pro 3
Related
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
5.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.5%