CVE-2016-0151

HIGH KEV RANSOMWARE

Microsoft Windows 10 1507 - Improper Privilege Management

Title source: rule

Description

The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · c++ · dos · windows
https://www.exploit-db.com/exploits/39740

Scores

CVSS v3 7.8
EPSS 0.3241
EPSS Percentile 96.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-28
VulnCheck KEV 2022-03-28
InTheWild.io 2022-03-28
ENISA EUVD EUVD-2016-0189
Ransomware Use Confirmed
CWE CWE-269
Status published
Products (6)
microsoft/windows_10_1507
microsoft/windows_10_1511
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2012
microsoft/windows_server_2012 r2
Published Apr 12, 2016
KEV Added Mar 28, 2022
Tracked Since Feb 18, 2026