High severity7.8NVD Advisory· Published Aug 12, 2021· Updated Jun 17, 2026
CVE-2021-36958
CVE-2021-36958
Description
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Affected products
14cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19060:*:*:*:*:*:x86:*+ 1 more
- cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19060:*:*:*:*:*:x86:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1801:*:*:*:*:*:x86:*range: 10.0.0
cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4651:*:*:*:*:*:x86:*+ 1 more
- cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4651:*:*:*:*:*:x86:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1237:*:*:*:*:*:x86:*range: 10.0.0
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2183:*:*:*:*:*:x86:*+ 1 more
- cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2183:*:*:*:*:*:x86:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1237:*:*:*:*:*:x64:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1237:*:*:*:*:*:x64:*Range: 10.0.0
- cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23462:*:*:*:*:*:x64:*Range: 6.2.0
- cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651:*:*:*:*:*:*:*Range: 10.0.0
- cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2183:*:*:*:*:*:*:*Range: 10.0.0
Patches
Vulnerability mechanics
References
2- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36958nvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/131152nvd
News mentions
0No linked articles in our index yet.