CVE-2021-38672: Windows Hyper-V Remote Code Execution Vulnerability

Overview

Severity

High (CVSS 8)

CVSS Vector

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Remote Code Execution

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2021-Oct

Released

2021-10-12

EPSS Score

0.48% (percentile: 65.1%)

FAQ

How could an attacker exploit this vulnerability? For successful exploitation, this vulnerability could allow a malicious guest VM to read kernel memory in the host. To trigger this vulnerability the guest VM requires a memory allocation error to first occur on the guest VM. This bug could be used for a VM escape from guest to host.

Affected Products (3)

Windows

• Windows Server 2022
• Windows Server 2022 (Server Core installation)
• Windows 11 version 21H2 for x64-based Systems

Security Updates (2)

• 5006699
• 5006674

Acknowledgments

Wei in Kunlun Lab

Revision History

• 2021-10-12: Information published.