| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2021-38672 | Windows Hyper-V Remote Code Execution Vulnerability | Windows Server 2022 | Critical | 26-10-2021 |
Technical Information
Brief overview of the risk:
A remote code execution vulnerability in hyper-v. On exploitation this vulnerability can allow remote attackers to read the host’s kernel memory from a malicious guest VM. To trigger this vulnerability the guest VM must first trigger a memory allocation error on the guest VM. Using this vulnerability a remote attacker can escape from the guest VM and move into the host machine.
Further information on this vulnerability is available at : CVE-2021-38672
Affected Software
Windows Server 2022Windows Server 2022 (Server Core installation)
Windows 11 for x64-based Systems