What is CVE-2010-0021?

CVE-2010-0021 is a medium-severity vulnerability in Microsoft Windows_2000, classified under Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition). CVSS score: 5.9/10. Published 2010-02-10.

How severe is CVE-2010-0021?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Is CVE-2010-0021 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Windows_2000

CVE-2010-0021

Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang)…

Vulnerability class: Race Condition

EPSS: 0.114 (93.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

CWE-362 — Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)

Public proof-of-concept exploits

References

TA10-040A (US Government Resource, x_refsource_CERT, third-party-advisory)
MS10-012 (x_refsource_MS, vendor-advisory)
oval:org.mitre.oval:def:8524 (signature, x_refsource_OVAL, vdb-entry)

Frequently asked questions

What is CVE-2010-0021?: CVE-2010-0021 is a medium-severity vulnerability in Microsoft Windows_2000, classified under Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition). CVSS score: 5.9/10. Published 2010-02-10.
How severe is CVE-2010-0021?: Medium severity. CVSS v3 base score is 5.9 out of 10.
Is CVE-2010-0021 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.