Privilege escalation in Microsoft products - CVE-2016-3341
Published: October 11, 2016 / Updated: February 2, 2017
Vulnerability identifier: #VU970
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-3341
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Microsoft
Affected software:
Windows
Windows RT
Windows Server
Windows
Windows RT
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to obtain elevated privileges on the target system.
The vulnerability exists due to improper handling of objects in memory. By running a malicious program on the affected system attackers can gain root privileges on the system that may lead to complete compromise of the system.
Successful exploitation of this vulnerability will allow the local attacker to obtain elevated privileges on vulnerable system.
The vulnerability exists due to improper handling of objects in memory. By running a malicious program on the affected system attackers can gain root privileges on the system that may lead to complete compromise of the system.
Successful exploitation of this vulnerability will allow the local attacker to obtain elevated privileges on vulnerable system.
How to mitigate CVE-2016-3341
Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.