← back
CVE-2021-27085

Internet Explorer Remote Code Execution Vulnerability

CVSS 8.8 HIGHEPSS 3.7%● KEV
Vexday Risk Score
51Attention
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 8.8EPSS 3.7%KEV simPoC Nuclei Metasploit Patch
Lifecycle
11 Mar 2021Published on NVD
03 Nov 2021Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

Internet Explorer has a vulnerability that allows attackers to run malicious code on your computer when you visit a specially crafted website. This is dangerous because it gives attackers direct control over your system.

Technical detail

A remote code execution vulnerability in Internet Explorer allows an attacker to execute arbitrary code with user privileges through a malicious web page. The attack requires user interaction (visiting a crafted site) and can be delivered via email links or compromised websites, resulting in complete system compromise.

Summary generated and translated by AI from the official description.
Internet Explorer Remote Code Execution Vulnerability
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C