How severe is CVE-2021-31956?

CVE-2021-31956 has a CVSS v3 score of 7.8 (HIGH).

CVE-2021-31956

7.8HIGH

Windows NTFS Elevation of Privilege Vulnerability

Published: 6/8/2021Updated: 1/13/2026

CISA Known Exploited Vulnerability

Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.

Required Action:

Apply updates per vendor instructions.

Due Date:

2021-11-17

Description

Windows NTFS Elevation of Privilege Vulnerability

AI AnalysisPowered by AI

Affected Products

microsoftwindows_10_1507

microsoftwindows_10_1607

microsoftwindows_10_1809

microsoftwindows_10_1909

microsoftwindows_10_2004

microsoftwindows_10_20h2

microsoftwindows_10_21h1

microsoftwindows_7

microsoftwindows_8.1

microsoftwindows_rt_8.1

microsoftwindows_server_2004

microsoftwindows_server_2008

sp2

microsoftwindows_server_2012

microsoftwindows_server_2016

microsoftwindows_server_2019

microsoftwindows_server_20h2

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31956
PatchVendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31956
PatchVendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31956
US Government Resource