CVE-2021-41338: 
vulnerability analysis and mitigation

Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability (CVE-2021-41338) was identified and disclosed on September 17, 2021. This vulnerability affects multiple versions of Microsoft Windows including Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 (CVE Mitre).

The vulnerability has been assigned a CVSS v3.1 base score with the following metrics: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N, indicating local access is required with low attack complexity. The CVSS v2 score is (AV:L/AC:L/Au:N/C:N/I:P/A:N), suggesting a local attack vector with partial impact on integrity (NVD).

The vulnerability affects the Windows AppContainer Firewall Rules security feature, potentially allowing attackers to bypass security features in affected systems. The impact is primarily focused on integrity with no direct effect on confidentiality or availability (Rapid7).

Microsoft has released security updates to address this vulnerability. The fixes are available through various KB updates including KB5006675, KB5006669, KB5006672, KB5006667, KB5006670, KB5006674, and KB5006699 for different versions of Windows and Windows Server (Rapid7).