7.8
CVE-2016-3309
- EPSS 53.85%
- Published 09.08.2016 21:59:16
- Last modified 12.04.2025 10:46:40
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3308, CVE-2016-3310, and CVE-2016-3311.
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Windows 10 1507 Version-
Microsoft ≫ Windows 10 1511 Version-
Microsoft ≫ Windows 10 1607 Version-
Microsoft ≫ Windows 8.1 Version-
Microsoft ≫ Windows Rt 8.1 Version-
Microsoft ≫ Windows Server 2008 Version- Updatesp2
Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1
Microsoft ≫ Windows Server 2012 Version-
Microsoft ≫ Windows Server 2012 Versionr2
Microsoft ≫ Windows Vista Version- Updatesp2
15.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
Microsoft Windows Kernel Privilege Escalation Vulnerability
VulnerabilityA privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
DescriptionApply updates per vendor instructions.
Required actions| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 53.85% | 0.979 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|