← back
CVE-2021-36955

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVSS 7.8 HIGHEPSS 3.1%● KEV
Vexday Risk Score
71High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Proof of concept
Popular PoC on GitHub (14 stars) — exploitation code widely available.
CVSS 7.8EPSS 3.1%KEV simPoC públicaNuclei Metasploit Patch
Lifecycle
15 Sep 2021Published on NVD
03 Nov 2021Active exploitation (CISA KEV)
18 Jul 2022Public PoC
Weaponization speed
306 daysto first PoC
49 daysto active exploitation (KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

A flaw in Windows' Common Log File System driver allows an attacker with local access to bypass security restrictions and gain higher privileges on the system. This could let them take full control of the computer.

Technical detail

An elevation of privilege vulnerability in the Windows CLFS driver (Kernel component) that can be exploited via local access to escalate from a lower-privileged user context to system-level privileges. Requires prior local code execution; successful exploitation results in SYSTEM-level access.

Summary generated and translated by AI from the official description.
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.