Privilege escalation in Windows and Windows Server - CVE-2016-7211
Published: October 14, 2016 / Updated: March 20, 2018
Vulnerability identifier: #VU991
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2016-7211
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Microsoft
Affected software:
Windows
Windows Server
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to obtain elevated privileges on the target system.
The weakness exists due to boundary error when handling crafted input. By running a specially crafted application, attacker can obtain root privileges on the affected system.
Succesful exploitation of the vulnerability may result in complete access to the vulnerable system.
The weakness exists due to boundary error when handling crafted input. By running a specially crafted application, attacker can obtain root privileges on the affected system.
Succesful exploitation of the vulnerability may result in complete access to the vulnerable system.
How to mitigate CVE-2016-7211
Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.