CVE-2017-7293

HIGH

Dolby DAX2/DAX3 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2017-7293. PoCs published by Google Security Research, qazbnm456, xbl3.

AI-analyzed exploit summary The exploit leverages a DCOM deserialization vulnerability in the Dolby Audio X2 Service (DAX2API) running with SYSTEM privileges. It uses a pre-compiled tool (ExploitDotNetDCOMSerialization.exe) to execute arbitrary commands (e.g., notepad) with elevated privileges.

Description

The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for DCOM. This affects Dolby Audio X2 (DAX2) 1.0, 1.0.1, 1.1, 1.1.1, 1.2, 1.3, 1.3.1, 1.3.2, 1.4, 1.4.1, 1.4.2, 1.4.3, and 1.4.4 and Dolby Audio X3 (DAX3) 1.0 and 1.1. An example affected driver is Realtek Audio Driver 6.0.1.7898 on a Lenovo P50.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Google Security Research · textlocalwindows
https://www.exploit-db.com/exploits/41933

The exploit leverages a DCOM deserialization vulnerability in the Dolby Audio X2 Service (DAX2API) running with SYSTEM privileges. It uses a pre-compiled tool (ExploitDotNetDCOMSerialization.exe) to execute arbitrary commands (e.g., notepad) with elevated privileges.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Dolby Audio X2 Service (DAX2API) version 0.7.2.61 (Realtek Audio Driver 6.0.1.7898)
No auth needed
Prerequisites: Windows 10 with vulnerable Realtek Audio Driver · DAX2API service running
devstral-2 · analyzed Feb 16, 2026 Full analysis →
github WRITEUP 3,480 stars
by qazbnm456 · poc
https://github.com/qazbnm456/awesome-cve-poc/tree/master/CVE-2017-7293.md

This repository provides a technical writeup for CVE-2017-7293, referencing external resources and a PoC from another repository. It includes details about the vulnerability, credited to Forshaw of Google Project Zero, and links to related references.

Classification
Writeup 80%
Attack Type
Lpe
Complexity
Moderate
Reliability
Theoretical
Target: Windows Dolby Audio X2 Service
Auth required
Prerequisites: Local access to the target system · Presence of vulnerable Dolby Audio X2 Service
devstral-2 · analyzed Feb 27, 2026 Full analysis →
github WRITEUP 14 stars
by xbl3 · poc
https://github.com/xbl3/awesome-cve-poc_qazbnm456/tree/master/CVE-2017-7293.md

This repository provides a technical writeup for CVE-2017-7293, a Windows Dolby Audio X2 Service Elevation of Privilege (EoP) vulnerability. It references external PoC code and detailed analysis from Project Zero and Microsoft.

Classification
Writeup 80%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Windows Dolby Audio X2 Service
Auth required
Prerequisites: Local access to the target system · Presence of vulnerable Dolby Audio X2 Service
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41933/
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugs.chromium.org/p/project-zero/issues/detail?id=1075

Scores

CVSS v3 7.8
EPSS 0.0261
EPSS Percentile 83.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-502
Status published
Products (15)
dolby/dolby_audio_x2 1.0
dolby/dolby_audio_x2 1.0.1
dolby/dolby_audio_x2 1.1
dolby/dolby_audio_x2 1.1.1
dolby/dolby_audio_x2 1.2
dolby/dolby_audio_x2 1.3
dolby/dolby_audio_x2 1.3.1
dolby/dolby_audio_x2 1.3.2
dolby/dolby_audio_x2 1.4
dolby/dolby_audio_x2 1.4.1
... and 5 more
Published Apr 26, 2017
Tracked Since Feb 18, 2026