Desktop Window Manager vulnerability
Window Manager vulnerability
CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). Due to the lack of bounds checking, attackers are able to create a situation that allows them to write controlled data at a controlled offset using DirectComposition API.
It is an escalation of privilege (EoP) exploit that is likely used together with other browser exploits to escape sandboxes or get system privileges for further access.
Detail list is given reference URL:
Updates are available. Please see the references or vendor advisory for more information.
15 Feb 2022 - Security Advisories & Alerts