What is CVE-2021-33773?

A high-severity elevation of privilege vulnerability exists in Microsoft Windows Remote Access Connection Manager. It can be exploited locally with low complexity. Immediate patching is required to mitigate risk.

What is the severity of CVE-2021-33773?

CVE-2021-33773 has a severity rating of HIGH with a CVSS base score of 7.8.

CVE-2021-33773 | High Vulnerability in Microsoft Windows Remote Access Connection Manager

CVE-2021-33773 is a high-severity elevation of privilege vulnerability affecting Microsoft Windows Remote Access Connection Manager. This vulnerability allows attackers to execute arbitrary code with elevated privileges on affected systems. The CVSS score for this vulnerability is 7.8, indicating a high risk level that necessitates immediate attention from organizations. The vulnerability is local in nature, meaning it requires physical or remote access to the vulnerable system to exploit.

Risk to organizations includes unauthorized access to sensitive information, potential data loss, and disruption of service. Given the potential impact, organizations should prioritize patching immediately. Microsoft has released security updates to address this vulnerability, and organizations are urged to apply these updates as soon as possible.

The vulnerability was published on July 14, 2021, and has been classified with a CVSS v3.1 vector of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating a local attack vector, low attack complexity, and high impacts on confidentiality, integrity, and availability. Currently, there are no known public exploits or proofs of concept available, but the potential for exploitation exists.

Organizations must take proactive steps to secure their environments against this vulnerability by ensuring that all affected systems are patched. Regular vulnerability assessments and penetration testing can help identify and remediate similar vulnerabilities before they can be exploited.

Vulnerability Details

The official description of CVE-2021-33773 states that it is an elevation of privilege vulnerability in Windows Remote Access Connection Manager. The CVSS score of 7.8 signifies a high severity level, reflecting the potential impact on confidentiality, integrity, and availability. The affected products include various versions of Windows 10, Windows 8.1, and Windows Server 2016 and 2019.

Technical Analysis

The root cause of this vulnerability lies in improper validation within the Windows Remote Access Connection Manager. Attackers may leverage this flaw to gain elevated privileges on affected systems, potentially allowing them to execute arbitrary code. The attack vector is local, requiring low privileges to exploit, and user interaction is not necessary. The impacts can be severe, affecting confidentiality, integrity, and availability.

Risk & Impact Analysis

Organizations face a significant risk if they do not address this vulnerability. The potential for unauthorized access to sensitive data can lead to severe repercussions, including data breaches and reputational damage. The urgency for remediation is high, as the CVSS score indicates a substantial threat level. The impact could extend beyond individual systems, affecting organizational networks and overall business operations.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions include various releases of Windows 10 from 1607 to 21H1, Windows 8.1, and Windows Server versions 2012, 2016, and 2019. Organizations should evaluate their environments to ensure all systems running these versions are updated.

Mitigation & Remediation

Organizations should apply the relevant patches provided by Microsoft to mitigate this vulnerability. It is recommended to perform regular updates and security assessments. For more information, refer to the recommended practices for penetration testing. Organizations should also consider implementing network segmentation and monitoring to detect potential exploitation attempts.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor system logs for unusual access patterns. Behavioral anomalies and unauthorized changes to system files can also indicate an attempted exploitation. Additionally, it is critical to have network signatures in place that can alert on suspicious activities related to remote access connections.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2021-33773 highlights the importance of maintaining a proactive security posture. Security teams should learn from this vulnerability to enhance their defense mechanisms. The trend of elevation of privilege vulnerabilities continues to be a critical focus for organizations, necessitating regular security assessments. For more insights, refer to our articles on vulnerability management and effective penetration testing methodology practices that can help mitigate similar risks in the future.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2021-33773: High Vulnerability in Microsoft Windows Remote Access Connection Manager