NVD disclosure day
CVE-2021-1048
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A memory corruption flaw in the Android kernel could allow a local attacker to elevate privileges. This impacts device integrity and data confidentiality. The realistic business risk includes unauthorized system control and potential data compromise.
CVE-2021-0920
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A race condition in the Android kernel could allow for privilege escalation. This impacts organizations by enabling unauthorized access to system functions and data on affected systems. Exploitation requires local access and does not need user interaction.
CVE-2021-43890
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A spoofing vulnerability in the AppX installer affects Microsoft Windows, posing a risk to organizations if employees open malicious attachments. Attackers could gain unauthorized system access, impacting data and operations. Known exploitation by threat actors increases this risk.
CVE-2021-43226
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in the Windows Common Log File System Driver allows local attackers to gain elevated privileges. This could result in unauthorized access to sensitive data or disruption of services, posing a business risk to affected organizations.