Exploit for #VU57249 Use-after-free in Windows and Windows Server

Published: 2021-10-18 | Updated: 2023-04-03

Vulnerability identifier: #VU57249

Vulnerability risk: High

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2021-40449

CWE-ID: CWE-416

Exploitation vector: Local

Exploits in database: 11

April 3, 2023
- Kernel_Exploit (HEVD && CVE Exploit) [Github]
May 24, 2022
- Kernel_Exploit (HEVD & CVE Exploit) [Github]
March 14, 2022
- voidmap (Using CVE-2021-40449 to manual map kernel mode driver) [Github]
February 21, 2022
- CVE-2021-40449-NtGdiResetDC-UAF () [Github]
November 16, 2021
- cve-2021-40449-poc () [Github]
November 9, 2021
- Win32k NtGdiResetDC Use After Free Local Privilege Elevation [Metasploit]
November 8, 2021
- CVE-2021-40449_poc (Exploit for CVE-2021-40449) [Github]
October 26, 2021
- CVE-2021-40449 (LPE exploit for a UAF in Windows (CVE-2021-40449).) [Github]
October 22, 2021
- CVE-2021-40449-Exploit (windows 10 14393 LPE) [Github]
October 18, 2021
- CallbackHell (Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)) [Github]
- CallbackHell (PoC (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)) [Github]

Vulnerable software:
Windows
Operating systems & Components / Operating system
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft