Vulnerability in N/a
CVE-2016-7255
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local u…
EPSS: 0.896 (99.6th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
CISA KEV (Known Exploited Vulnerabilities)
This CVE is on the CISA KEV catalog, added on . CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.
BOD 22-01 due date: .
Required action: Apply updates per vendor instructions.
Public proof-of-concept exploits
References
- packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetW… (x_refsource_MISC)
- github.com/mwrlabs/CVE-2016-7255 (x_refsource_MISC)
- 40823 (exploit, x_refsource_EXPLOIT-DB)
- 41015 (exploit, x_refsource_EXPLOIT-DB)
- securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escala… (x_refsource_MISC)
- 40745 (exploit, x_refsource_EXPLOIT-DB)
- 1037251 (vdb-entry, x_refsource_SECTRACK)
- MS16-135 (x_refsource_MS, vendor-advisory)
- blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzi… (x_refsource_MISC)
- 94064 (vdb-entry, x_refsource_BID)
Frequently asked questions
- What is CVE-2016-7255?
- CVE-2016-7255 is a vulnerability in N/a. Published 2016-11-10.
- Is CVE-2016-7255 known to be exploited?
- Yes. CVE-2016-7255 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2021-11-03), indicating it is being actively exploited. 70 public proof-of-concept repositories are indexed.