Exploit for #VU50485 Information disclosure in Windows and Windows Server

Exploit for #VU50485 Information disclosure in Windows and Windows Server

Published: 2021-11-29

Vulnerability identifier: #VU50485

Vulnerability risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2021-24084

CWE-ID: CWE-200

Exploitation vector: Local

Exploits in database: 2

November 29, 2021
- CVE-2021-24084 (Windows MDM LPE) [Github]
- WindowsMDM-LPE-0Day (CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day) [Github]

Impact: Information disclosure

Vulnerable software:
Windows
Operating systems & Components / Operating system
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft