CVE-2016-0088 — Improper Access Control in Microsoft Windows Server 2012
Severity
9.3CRITICALNVD
EPSS
1.5%
top 18.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 12
Latest updateMay 14
Description
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability."
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 2.5 | Impact: 6.0