NVD disclosure day

Published threat advisories for January 11, 2022

CVE-2022-21919

Windows User Profile Service Elevation of Privilege Vulnerability Advisory

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in the Windows User Profile Service could allow an attacker with local access to gain elevated privileges. This impacts affected Windows operating systems and presents a business risk of unauthorized system access and control.

NVD published: January 11, 2022 • CISA KEV

CVE advisoryKnown Exploit

CVE-2022-21882

Windows Win32k Elevation of Privilege Vulnerability.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Microsoft Win32k allows for privilege escalation, posing a risk of unauthorized system control and data access for affected organizations.

NVD published: January 11, 2022 • CISA KEV