<< Back
CVE Number Vulnerability Product Severity Date
CVE-2021-38672 Windows Hyper-V Remote Code Execution Vulnerability Windows Server 2022 Critical 26-10-2021

Technical Information

Brief overview of the risk:

A remote code execution vulnerability in hyper-v. On exploitation this vulnerability can allow remote attackers to read the host’s kernel memory from a malicious guest VM. To trigger this vulnerability the guest VM must first trigger a memory allocation error on the guest VM. Using this vulnerability a remote attacker can escape from the guest VM and move into the host machine.

Further information on this vulnerability is available at : CVE-2021-38672

Affected Software

Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows 11 for x64-based Systems