CVE-2017-8576

EPSS 1.28%
Published 29.06.2017 13:29:00
Last modified 20.04.2025 01:37:25
Source secure@microsoft.com
Teams watchlist Login
Open Login

The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability."

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 10 Version-

Microsoft ≫ Windows 10 Version1511

Microsoft ≫ Windows 10 Version1607

Microsoft ≫ Windows 10 Version1703

Microsoft ≫ Windows Server 2016

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.28%	0.787

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7	1	5.9	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

http://www.securityfocus.com/bid/99210

Third Party Advisory

VDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8576

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-8576

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-8576

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-8576

EUVD