<< Back
CVE Number Vulnerability Product Severity Date
CVE-2021-34458 Windows Kernel Remote Code Execution Vulnerability Windows Server 2019 Critical 21-07-2021

Technical Information

Brief overview of the risk:

A Remote Code Execution vulnerability in Windows Kernel which is due to use of the single root I/O virtualization (SR-IOV) interface which is an extension to the PCI Express (PCIe) specification. SR-IOV allows a device, such as a network adapter, to have separate access to its resources. This vulnerability can be exploited by attackers with low privileges and there’s no need for any user interaction. An attacker who successfully exploited the vulnerability could execute arbitrary code in the context of the logged on user.

Further information on this vulnerability is available at : CVE-2021-34458

Affected Software

Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server version 2004 (Server Core installation)
Windows Server version 20H2 (Server Core Installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)