Privilege Escalation Vulnerability in Microsoft Windows
CVE-2016-7260

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Windows Rt 8.1
Windows Server 2012
Windows Server 2016
Windows 7
Vendor
CVE Published:
20 December 2016

What is CVE-2016-7260?

This vulnerability affects kernel-mode drivers within various versions of Microsoft Windows. It allows local users to execute crafted applications that can elevate their privileges, potentially gaining unauthorized access to system functions. The flaw can compromise system integrity, making it a significant concern for users and administrators of the affected Windows versions.

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securitytracker.com/id/1037452
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/94785
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2016-7260 : Privilege Escalation Vulnerability in Microsoft Windows