CVE-2016-0040

HIGH KEV

Microsoft Windows - Privilege Escalation

Title source: llm

Description

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

Exploits (4)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows_x86-64

https://www.exploit-db.com/exploits/44586

View Code ZIP pw:eip

nomisec WRITEUP 45 stars

by Rootkitsmm-zz · local

https://github.com/Rootkitsmm-zz/cve-2016-0040

View Code ZIP pw:eip

nomisec WORKING POC 14 stars

by de7ec7ed · poc

https://github.com/de7ec7ed/CVE-2016-0040

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by smmrootkit, de7ec7ed, de7ec7ed · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ms16_014_wmi_recv_notif.rb

View Code ZIP pw:eip

References (4)

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1034985

[Patch, Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-014

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/44586/

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0040

Scores

CVSS v3 7.8

EPSS 0.7888

EPSS Percentile 99.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-28

VulnCheck KEV 2022-03-28

InTheWild.io 2022-03-28

ENISA EUVD EUVD-2016-0078

Status published

Products (4)

microsoft/windows_7

microsoft/windows_server_2008

microsoft/windows_server_2008 r2 sp1

microsoft/windows_vista

Published Feb 10, 2016

KEV Added Mar 28, 2022

Tracked Since Feb 18, 2026