← back
CVE-2021-43226

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVSS 7.8 HIGHEPSS 3.1%● KEV
Vexday Risk Score
71High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Proof of concept
Popular PoC on GitHub (2 stars) — exploitation code widely available.
CVSS 7.8EPSS 3.1%KEV simPoC públicaNuclei Metasploit Patch
Lifecycle
15 Dec 2021Published on NVD
30 Oct 2023Public PoC
06 Oct 2025Active exploitation (CISA KEV)
Weaponization speed
683 daysto first PoC
1390 daysto active exploitation (KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

A flaw in Windows' Common Log File System Driver allows a local attacker to gain higher privileges on the system. An authenticated user can exploit this to run malicious code with elevated permissions.

Technical detail

A privilege escalation vulnerability in the CLFS driver can be exploited by a local attacker with user-level access to execute arbitrary code with kernel privileges. The attack requires local code execution as a prerequisite and results in complete system compromise via kernel-level access.

Summary generated and translated by AI from the official description.
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.