cbcvebase.
CVE-2017-0165
published 2017-04-12

CVE-2017-0165: An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server…

PriorityP346high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
3.34%
87.1th percentile
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability."

Affected

11 ranges
VendorProductVersion rangeFixed in
microsoftwindows_10
microsoftwindows_server_2012
microsoft_corporationwindows
msrcwindows_10_for_32-bit_systems
msrcwindows_10_for_x64-based_systems
msrcwindows_10_version_1511_for_32-bit_systems
msrcwindows_10_version_1511_for_x64-based_systems
msrcwindows_8.1_for_32-bit_systems
msrcwindows_8.1_for_x64-based_systems
msrcwindows_rt_8.1
msrcwindows_server_2012_r2

CVSS provenance

nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_msrc6.6MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.