Vulnerability Details : CVE-2016-7271
The Secure Kernel Mode implementation in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to bypass the virtual trust level (VTL) protection mechanism via a crafted application, aka "Secure Kernel Mode Elevation of Privilege Vulnerability."
Vulnerability category: Gain privilege
Exploit prediction scoring system (EPSS) score for CVE-2016-7271
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-7271
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-7271
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-7271
-
http://www.securitytracker.com/id/1037451
Windows Secure Kernel Mode Lets Local Users Gain Elevated Privileges - SecurityTracker
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-150
Microsoft Security Bulletin MS16-150 - Important | Microsoft Docs
-
http://www.securityfocus.com/bid/94734
Microsoft Windows CVE-2016-7271 Local Privilege Escalation Vulnerability
Products affected by CVE-2016-7271
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*