CVE-2016-3309

HIGH KEV RANSOMWARE

Microsoft Windows - Privilege Escalation

Title source: llm

Description

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3308, CVE-2016-3310, and CVE-2016-3311.

Exploits (3)

exploitdb WORKING POC
by siberas · textlocalwindows_x86-64
https://www.exploit-db.com/exploits/42960
nomisec WORKING POC 54 stars
by siberas · local
https://github.com/siberas/CVE-2016-3309_Reloaded

References (5)

Scores

CVSS v3 7.8
EPSS 0.4678
EPSS Percentile 97.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-15
VulnCheck KEV 2022-03-15
InTheWild.io 2022-03-15
ENISA EUVD EUVD-2016-4341
Ransomware Use Confirmed
Status published
Products (11)
microsoft/windows_10_1507
microsoft/windows_10_1511
microsoft/windows_10_1607
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1
microsoft/windows_server_2012
microsoft/windows_server_2012 r2
... and 1 more
Published Aug 09, 2016
KEV Added Mar 15, 2022
Tracked Since Feb 18, 2026