Headline
CVE-2021-40489: Storage Spaces Controller Elevation of Privilege Vulnerability
How could an attacker exploit this vulnerability?
An authorized (medium integrity level) attacker could exploit this Windows Storport driver elevation of privilege vulnerability by locally sending through a user mode application a specially crafted request to the driver specifying an IOCTL parameter, which could lead to an out-of-bounds buffer write.