CVE-2017-0263

Warning

Exploit

EPSS 17.94%
Published 12.05.2017 14:29:05
Last modified 20.04.2025 01:37:25
Source secure@microsoft.com
Teams watchlist Login
Open Login

The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

Affected products Warnungen 1 Metrics 4 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 10 1507 Version-

Microsoft ≫ Windows 10 1511 Version-

Microsoft ≫ Windows 10 1607 Version-

Microsoft ≫ Windows 10 1703 Version-

Microsoft ≫ Windows 7 Version- Updatesp1

Microsoft ≫ Windows 8.1 Version-

Microsoft ≫ Windows Rt 8.1 Version-

Microsoft ≫ Windows Server 2008 Version- Updatesp2

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1

Microsoft ≫ Windows Server 2012 Version-

Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ Windows Server 2016 Version-

10.02.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Win32k Privilege Escalation Vulnerability

Vulnerability

Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	17.94%	0.946

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://www.securitytracker.com/id/1038449

Third Party Advisory

Broken Link

VDB Entry

http://www.securityfocus.com/bid/98258

Third Party Advisory

Broken Link

VDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0263

Patch

Vendor Advisory

https://www.exploit-db.com/exploits/44478/