ID:8957 - Exploit for Use-after-free in Windows and Windows Server - CVE-2021-40449
Published: April 3, 2023
Vulnerability identifier: #VU57249
Vulnerability risk: High
CVE-ID: CVE-2021-40449
CWE-ID: CWE-416
Exploitation vector: Local access
Vulnerable software:
Windows
Windows Server
Link to public exploit:
Vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Win32k NtGdiResetDC function in the Microsoft Windows kernel. A local user can run a specially crafted program to trigger a use-after-free error when the ResetDC function is executed a second time for the same handle during execution of its own callback, and then execute arbitrary code with elevated privileges.
Note, the vulnerability is being actively exploited in the wild.
Remediation
Install updates from the vendor's website.