Privilege escalation in Windows and Windows Server - CVE-2017-0100
Published: March 14, 2017 / Updated: March 26, 2021
Vulnerability identifier: #VU6026
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2017-0100
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
Public exploit is available
Vendor: Microsoft
Affected software:
Windows
Windows Server
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to elevate privileges.
The vulnerability exists due to failure to properly authenticate a client in when a DCOM object in Helppane.exe configured to run as the interactive user. A local user can execute specially crafted application and gain elevated privileges once another user is logged in to the same system via Terminal Services or Fast User Switching.
Successful exploitation of this vulnerability may allow an attacker to escalate privileges on the system.
How to mitigate CVE-2017-0100
Install updates from vendor's website.