CVE-2016-7224
published 2016-11-10CVE-2016-7224: Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016…
PriorityP339medium6.1CVSS 3.0
AVLACLPRLUINSUCLIHAN
EXPLOIT
EPSS
4.11%
89.5th percentile
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2012 | — | — |
| msrc | windows_10_for_32-bit_systems | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_10_version_1607_for_32-bit_systems | — | — |
| msrc | windows_10_version_1607_for_x64-based_systems | — | — |
| msrc | windows_8.1_for_32-bit_systems | — | — |
| msrc | windows_8.1_for_x64-based_systems | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
nvdv2.03.6LOWAV:L/AC:L/Au:N/C:P/I:P/A:N
vendor_msrc6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
VHD Driver Elevation of Privilege Vulnerability
vendor_msrc·2016-11-08·CVSS 6.8
CVE-2016-7224 [MEDIUM] VHD Driver Elevation of Privilege Vulnerability
VHD Driver Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists when the Windows Virtual Hard Disk Drive fails to properly handle user access to certain files. An attacker who successfully exploited the vulnerability could manipulate files in locations not intended to be available to the user.
To exploit the vulnerability, an attacker would need access to the local system and the ability to execute a specially crafted application on the system.
The security update addresses the vulnerability by correcting how the kernel API restricts access to these files.
Microsoft Virtual Hard Drive: Microsoft Virtual Hard Drive
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely
GHSA
GHSA-7m2h-7xmj-fm47: Virtual Hard Disk Driver in Microsoft Windows 8
ghsa_unreviewed·2022-05-14
CVE-2016-7224 [MEDIUM] CWE-284 GHSA-7m2h-7xmj-fm47: Virtual Hard Disk Driver in Microsoft Windows 8
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
No detection rules found.
http://www.securityfocus.com/bid/94017http://www.securitytracker.com/id/1037248https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138https://www.exploit-db.com/exploits/40765/http://www.securityfocus.com/bid/94017http://www.securitytracker.com/id/1037248https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138https://www.exploit-db.com/exploits/40765/
2016-11-10
Published