What is CVE-2021-28322?

CVE-2021-28322 is a vulnerability in the Diagnostics Hub Standard Collector Service that allows elevation of privilege.

What software is affected by CVE-2021-28322?

The software affected by CVE-2021-28322 includes Microsoft Visual Studio 2015, 2017, and 2019, as well as Microsoft Windows 10, Windows Server 2016, and Windows Server 2019.

How severe is CVE-2021-28322?

CVE-2021-28322 has a severity level of 7.8 (high).

What is the Common Vulnerabilities and Exposures (CVE) ID for this vulnerability?

The Common Vulnerabilities and Exposures ID for this vulnerability is CVE-2021-28322.

How can I mitigate CVE-2021-28322?

To mitigate CVE-2021-28322, it is recommended to apply the security updates provided by Microsoft.

Vulnerability/
CVE-2021-28322

high

7.8

CWE

269

13/4/2021

3/8/2024

CVE-2021-28322: Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability

First published: Tue Apr 13 2021(Updated: )

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-28313, CVE-2021-28321.

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Visual Studio	=2015-update3
Microsoft Visual Studio 2017	>=15.0<=15.9
Microsoft Visual Studio 2019	>=16.0<=16.7
Microsoft Visual Studio 2019	>=16.8<=16.9
Microsoft Windows 10	=20h2
Microsoft Windows 10	=1803
Microsoft Windows 10	=1809
Microsoft Windows 10	=1909
Microsoft Windows 10	=2004
Microsoft Windows Server 2016	=20h2
Microsoft Windows Server 2016	=1909
Microsoft Windows Server 2016	=2004
Microsoft Windows Server 2019

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28322

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-28322?
CVE-2021-28322 is a vulnerability in the Diagnostics Hub Standard Collector Service that allows elevation of privilege.
What software is affected by CVE-2021-28322?
The software affected by CVE-2021-28322 includes Microsoft Visual Studio 2015, 2017, and 2019, as well as Microsoft Windows 10, Windows Server 2016, and Windows Server 2019.
How severe is CVE-2021-28322?
CVE-2021-28322 has a severity level of 7.8 (high).
What is the Common Vulnerabilities and Exposures (CVE) ID for this vulnerability?
The Common Vulnerabilities and Exposures ID for this vulnerability is CVE-2021-28322.
How can I mitigate CVE-2021-28322?
To mitigate CVE-2021-28322, it is recommended to apply the security updates provided by Microsoft.

agent/author
agent/type
agent/description
agent/event
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/title
agent/remedy
agent/references
agent/weakness
agent/severity
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
agent/tags
collector/mitre-cve
source/MITRE
vendor/microsoft
canonical/microsoft visual studio
version/microsoft visual studio/2015-update3
canonical/microsoft visual studio 2017
version/microsoft visual studio 2017/15.0
version/microsoft visual studio 2017/15.9
canonical/microsoft visual studio 2019
version/microsoft visual studio 2019/16.0
version/microsoft visual studio 2019/16.7
version/microsoft visual studio 2019/16.8
version/microsoft visual studio 2019/16.9
canonical/microsoft windows 10
version/microsoft windows 10/20h2
version/microsoft windows 10/1803
version/microsoft windows 10/1809
version/microsoft windows 10/1909
version/microsoft windows 10/2004
canonical/microsoft windows server 2016
version/microsoft windows server 2016/20h2
version/microsoft windows server 2016/1909
version/microsoft windows server 2016/2004
canonical/microsoft windows server 2019