Description
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · localwindows
https://www.exploit-db.com/exploits/41901
References (4)
Core 4
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/41901/
Patch, Vendor Advisory x_refsource_confirm
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0165
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038239
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/97467
Scores
CVSS v3
7.8
EPSS
0.1268
EPSS Percentile
94.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (6)
microsoft/windows_10
microsoft/windows_10
1511
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2012
r2
Microsoft Corporation/Windows
Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
Published
Apr 12, 2017
Tracked Since
Feb 18, 2026