CVE-2017-0211

MEDIUM

Microsoft Windows OLE - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textlocalwindows

https://www.exploit-db.com/exploits/41902

View Code ZIP pw:eip

References (4)

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0211

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/41902/

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1038240

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/97514

Scores

CVSS v3 5.5

EPSS 0.2234

EPSS Percentile 95.8%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE

CWE-610

Status published

Products (10)

microsoft/windows_10

microsoft/windows_10 1511

microsoft/windows_10 1607

microsoft/windows_10 1703

microsoft/windows_8.1

microsoft/windows_rt_8.1

microsoft/windows_server_2012

microsoft/windows_server_2012 r2

microsoft/windows_server_2016

Microsoft Corporation/Windows OLE Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Se

Published Apr 12, 2017

Tracked Since Feb 18, 2026