CVE-2021-31955: Windows Kernel Information Disclosure Vulnerability

Overview

Severity: Medium (CVSS 5.5)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
Category: Information Disclosure
Exploit Status: Actively Exploited
Exploitation Likelihood: Detected
Patch Tuesday: 2021-Jun
Released: 2021-06-08
EPSS Score: 4.83% (percentile: 89.5%)
CISA KEV: Listed — due 2021-11-17

FAQ

What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.

Known Exploits (2)

Microsoft Windows Kernel Information Disclosure Vulnerability — added 2025-10-29T18:16:29Z
Microsoft Windows Kernel Information Disclosure Vulnerability — added 2021-06-26T03:59:38Z

Detection & Weaponization (1 sources)

Maturity: Exploit

GitHub PoC: 2 repositories

Affected Products (18)

Windows

Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows Server, version 20H2 (Server Core Installation)

Security Updates (3)

Acknowledgments

Boris Larin (<a href="https://twitter.com/oct0xor">oct0xor</a>) of <a href="https://www.kaspersky.com/">Kaspersky Lab</a>

Revision History

2021-06-08: Information published.