CVE-2021-36934: Microsoft Windows SAM Local Privilege Escalation

Microsoft Windows SAM Local Privilege Escalation Vulnerability. If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.

• CISA KEV-listed (remediation due 2022-02-24)
• EPSS 90.4% (99.6% percentile)

Detection rules

• Potential SAM Database Dump high

Browse the CVE database

Read the full analysis on IntelFusions