What is CVE-2021-41347 vulnerability?

CVE-2021-41347 is a privilege escalation vulnerability in Microsoft Windows AppX Deployment Service, allowing local attackers to escalate privileges on affected installations of Windows.

How does CVE-2021-41347 vulnerability work?

An attacker with the ability to execute low-privileged code on the target system can exploit this vulnerability to escalate privileges.

Which systems are affected by CVE-2021-41347?

Microsoft Windows 10 (versions 1607, 1909, 2004, 20H2, 21H1), Windows 11 (version 21H2), Windows Server 2016 (Server Core installation), Windows Server 2019, and Windows Server 2022 are affected by CVE-2021-41347.

What is the severity of CVE-2021-41347 vulnerability?

The severity of CVE-2021-41347 vulnerability is high, with a CVSS score of 7.8.

How can I fix CVE-2021-41347 vulnerability?

To fix CVE-2021-41347 vulnerability, apply the relevant patches provided by Microsoft or follow the recommended remediation steps outlined in the Microsoft security advisory.

Vulnerability/
CVE-2021-41347

high

7.8

CWE

269

12/10/2021

13/10/2021

17/1/2024

4/8/2024

CVE-2021-41347: Microsoft Windows AppX Deployment Service Directory Junction Privilege Escalation Vulnerability

First published: Tue Oct 12 2021(Updated: )

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deployment Service. By creating a directory junction, an attacker can abuse the service to delete the contents of a chosen directory. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows 10	=20H2	fix available externally
	=20H2	fix available externally
	=20H2	fix available externally
	=20H2	fix available externally
	=1809	fix available externally
	=1809	fix available externally
	=1809	fix available externally
		fix available externally
		fix available externally
		fix available externally
	=1607	fix available externally
	=1607	fix available externally
		fix available externally
Microsoft Windows 10	=21H1	fix available externally
Microsoft Windows 10	=21H1	fix available externally
Microsoft Windows 10	=21H1	fix available externally
Microsoft Windows Server 2022		fix available externally
Microsoft Windows Server 2022		fix available externally
	=21H2	fix available externally
	=21H2	fix available externally
Microsoft Windows 10	=1909	fix available externally
Microsoft Windows 10	=1909	fix available externally
Microsoft Windows 10	=1909	fix available externally
		fix available externally
		fix available externally
Microsoft Windows 10	=2004	fix available externally
Microsoft Windows 10	=2004	fix available externally
	=2004	fix available externally
	=2004	fix available externally
Microsoft Windows 10
Microsoft Windows 10	=20h2
Microsoft Windows 10	=21h1
Microsoft Windows 10	=1607
Microsoft Windows 10	=1809
Microsoft Windows 10	=1909
Microsoft Windows 10	=2004
Microsoft Windows 11
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows Server 2016	=20h2
Microsoft Windows Server 2016	=2004
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41347

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-41347 vulnerability?
CVE-2021-41347 is a privilege escalation vulnerability in Microsoft Windows AppX Deployment Service, allowing local attackers to escalate privileges on affected installations of Windows.
How does CVE-2021-41347 vulnerability work?
An attacker with the ability to execute low-privileged code on the target system can exploit this vulnerability to escalate privileges.
Which systems are affected by CVE-2021-41347?
Microsoft Windows 10 (versions 1607, 1909, 2004, 20H2, 21H1), Windows 11 (version 21H2), Windows Server 2016 (Server Core installation), Windows Server 2019, and Windows Server 2022 are affected by CVE-2021-41347.
What is the severity of CVE-2021-41347 vulnerability?
The severity of CVE-2021-41347 vulnerability is high, with a CVSS score of 7.8.
How can I fix CVE-2021-41347 vulnerability?
To fix CVE-2021-41347 vulnerability, apply the relevant patches provided by Microsoft or follow the recommended remediation steps outlined in the Microsoft security advisory.

collector/msrc-cve
agent/author
agent/type
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/remedy
agent/title
agent/last-modified-date
agent/weakness
agent/references
agent/severity
agent/description
collector/zdi-advisory
source/ZDI
alias/ZDI-21-1161
alias/ZDI-CAN-14687
alias/CVE-2021-41347
agent/software-canonical-lookup
source/Microsoft
agent/softwarecombine
agent/event
agent/tags
agent/software-canonical-lookup-request
collector/nvd-api
collector/nvd-index
vendor/microsoft
canonical/microsoft windows 10
version/microsoft windows 10/20h2
canonical/microsoft windows
canonical/microsoft windows server 2022
version/microsoft windows 10/21h1
version/microsoft windows 10/2004
version/microsoft windows 10/1909
canonical/microsoft windows 11
version/microsoft windows 11/21h2
version/microsoft windows 10/1809
canonical/microsoft windows server 2019
canonical/microsoft windows server
version/microsoft windows server/20h2
version/microsoft windows server/2004
version/microsoft windows 10/1607
canonical/microsoft windows server 2016
version/microsoft windows server 2016/20h2
version/microsoft windows server 2016/2004