cbcvebase.
CVE-2016-0161
published 2016-04-12

CVE-2016-0161: Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a…

PriorityP347medium6.5CVSS 3.0
AVNACLPRNUIRSUCNIHAN
EPSS
68.77%
99.3th percentile
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.

Affected

4 ranges
VendorProductVersion rangeFixed in
msrcmicrosoft_edge_on_windows_10_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_for_x64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1511_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_version_1511_for_x64-based_systems

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability is triggered when Microsoft Edge does not properly validate JavaScript under specific conditions, potentially allowing a script to run with elevated privileges — look for Edge renderer processes spawning at medium-integrity level unexpectedly
  • Attack vector is web-based; monitor for Edge processes launched from user-visited or attacker-controlled websites that subsequently execute code at medium-integrity level rather than the expected low-integrity level
  • CVE-2016-0161 is commonly chained with a second vulnerability for full code execution — detect suspicious two-stage exploit chains involving Microsoft Edge and privilege escalation to medium integrity
  • Same Origin Policy bypass is the mechanism — monitor for cross-origin JavaScript access attempts within Edge that should normally be blocked
  • ·Patch is delivered via KB3147461 and KB3147458; unpatched systems running Microsoft Edge are the affected population
  • ·No public exploit or in-the-wild exploitation confirmed at time of advisory; exploitation assessed as 'Unlikely' for latest software release
  • ·The vulnerability by itself does not allow arbitrary code execution; a second vulnerability must be chained to achieve meaningful impact

CVSS provenance

nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_msrc6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.