CISA Known Exploited Vulnerability

CVE-2021-36955 Ransomware

Microsoft · Windows

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

Date added 2021-11-03

BOD 22-01 due date 2021-11-17

CWE —

Ransomware Known

CISA description

Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

Apply updates per vendor instructions.

Vulnerability data triggers these controls during assessment and continuous monitoring.