CVE-2016-7237

MEDIUM

Microsoft Windows - Authenticated Denial of Service via LSASS Crafted Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-7237. PoCs published by laurent gaffie.

AI-analyzed exploit summary This is a detailed advisory for CVE-2026-7237, describing a null pointer dereference vulnerability in Microsoft Windows LSASS that can be triggered remotely via SMB NTLM message manipulation, leading to a system crash or potential privilege escalation. The advisory includes technical details, affected versions, and references to proof-of-concept code.

Description

Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote authenticated users to cause a denial of service (system hang) via a crafted request, aka "Local Security Authority Subsystem Service Denial of Service Vulnerability."

Exploits (1)

exploitdb WRITEUP VERIFIED

by laurent gaffie · textdoswindows

https://www.exploit-db.com/exploits/40744

View Code ZIP pw:eip

This is a detailed advisory for CVE-2026-7237, describing a null pointer dereference vulnerability in Microsoft Windows LSASS that can be triggered remotely via SMB NTLM message manipulation, leading to a system crash or potential privilege escalation. The advisory includes technical details, affected versions, and references to proof-of-concept code.

Classification

Writeup 100%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Windows LSASS (XP through Windows 10)

No auth needed

Prerequisites: Network access to target SMB service · Ability to send crafted NTLM messages

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1037249

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-137

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/94040

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40744/

Scores

CVSS v3 6.5

EPSS 0.6482

EPSS Percentile 99.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-284

Status published

Products (12)

microsoft/windows_10

microsoft/windows_10 1511

microsoft/windows_10 1607

microsoft/windows_7

microsoft/windows_8.1

microsoft/windows_rt_8.1

microsoft/windows_server_2008

microsoft/windows_server_2008 r2 sp1

microsoft/windows_server_2012

microsoft/windows_server_2012 r2

... and 2 more

Published Nov 10, 2016

Tracked Since Feb 18, 2026