CVE-2017-8564

MEDIUM

Windows Kernel - Information Disclosure via Uninitialized Memory

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-8564. PoCs published by Google Security Research.

AI-analyzed exploit summary This PoC exploits an information leak vulnerability in nsiproxy.sys by triggering an uninitialized memory disclosure via the 0x120007 IOCTL. It demonstrates how uninitialized pool memory is leaked to user-mode, potentially aiding in kernel ASLR bypass.

Description

Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability".

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · c++doswindows
https://www.exploit-db.com/exploits/42338

This PoC exploits an information leak vulnerability in nsiproxy.sys by triggering an uninitialized memory disclosure via the 0x120007 IOCTL. It demonstrates how uninitialized pool memory is leaked to user-mode, potentially aiding in kernel ASLR bypass.

Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Windows (nsiproxy.sys)
Auth required
Prerequisites: Local authenticated access · At least one network adapter installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42338/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038853
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99428

Scores

CVSS v3 5.5
EPSS 0.2293
EPSS Percentile 96.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (13)
microsoft/windows_10
microsoft/windows_10 1511
microsoft/windows_10 1607
microsoft/windows_10 1703
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1 (2 CPE variants)
microsoft/windows_server_2012
... and 3 more
Published Jul 11, 2017
Tracked Since Feb 18, 2026