Main Vulnerability Database Exploits ID:5243 - Exploit for Privilege escalation in Windows and Windows Server - CVE-2017-0100

ID:5243 - Exploit for Privilege escalation in Windows and Windows Server - CVE-2017-0100

Published: March 26, 2021

Vulnerability identifier: #VU6026

Vulnerability risk: Low

CVE-ID: CVE-2017-0100

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/cssxn/CVE-2017-0100

Vulnerability description

The vulnerability allows a local user to elevate privileges.

The vulnerability exists due to failure to properly authenticate a client in when a DCOM object in Helppane.exe configured to run as the interactive user. A local user can execute specially crafted application and gain elevated privileges once another user is logged in to the same system via Terminal Services or Fast User Switching.

Successful exploitation of this vulnerability may allow an attacker to escalate privileges on the system.

Remediation

Install updates from vendor's website.

ID:5243 - Exploit for Privilege escalation in Windows and Windows Server - CVE-2017-0100

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human