Description
The kernel in Microsoft Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · localwindows
https://www.exploit-db.com/exploits/40608
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-124
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93357
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/40608/
Scores
CVSS v3
5.0
EPSS
0.0302
EPSS Percentile
86.7%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (3)
microsoft/windows_10
microsoft/windows_10
1511
microsoft/windows_10
1607
Published
Oct 14, 2016
Tracked Since
Feb 18, 2026