|Number of vulnerabilities||2|
|CVE ID|| CVE-2017-8702
|CWE ID|| CWE-20
|Public exploit||Not available|
|Vulnerable software versions||
Windows Server 2016
The disclosed vulnerability allows a local user to escalate privileges on the system.
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. A local user can execute arbitrary code on the target system with elevated privileges.
Install updates from vendor's website.External links
The vulnerability allows a local attacker to bypass security restrictions on the target system.
The vulnerability exists due to mishandling of objects in memory by Windows Control Flow Guard. A local attacker can run a specially crafted application and bypass security restrictions.
Install update from vendor's website.