Elevation of Privilege Vulnerability in Microsoft Windows Graphics Device Interface
CVE-2017-0005

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows Gdi
Vendor: CVE Published:; 17 March 2017

Badges

👾 Exploit Exists🟡 Public PoC🦅 CISA Reported

What is CVE-2017-0005?

The Graphics Device Interface (GDI) within various versions of Microsoft Windows allows local users to escalate privileges by executing a specially crafted application. This vulnerability could be exploited to gain higher access levels than intended, potentially impacting the security of the affected system.

CISA has reported CVE-2017-0005

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2017-0005 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

Windows GDI The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2017-0005 - Proof of Concept

0005poc
Created by sheri31