CVE-2016-7211
Published on: 10/13/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:06 PM UTC
Certain versions of Windows 10 from Microsoft contain the following vulnerability:
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." a different vulnerability than CVE-2016-3266, CVE-2016-3376, and CVE-2016-7185.
- CVE-2016-7211 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.3 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
LOCAL | LOW | LOW | REQUIRED |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 7.2 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
LOCAL | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
COMPLETE | COMPLETE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7211 Local Privilege Escalation Vulnerability | cve.report (archive) text/html | BID 93556 |
Microsoft Security Bulletin MS16-123 - Important | Microsoft Docs | docs.microsoft.com text/html | MS MS16-123 |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Microsoft | Windows 10 | - | All | All | All |
Operating System | Microsoft | Windows 10 | 1511 | All | All | All |
Operating System | Microsoft | Windows 10 | 1607 | All | All | All |
Operating System | Microsoft | Windows 10 | - | All | All | All |
Operating System | Microsoft | Windows 10 | 1511 | All | All | All |
Operating System | Microsoft | Windows 10 | 1607 | All | All | All |
Operating System | Microsoft | Windows 7 | All | sp1 | All | All |
Operating System | Microsoft | Windows 7 | All | sp1 | All | All |
Operating System | Microsoft | Windows 8.1 | All | All | All | All |
Operating System | Microsoft | Windows 8.1 | All | All | All | All |
Operating System | Microsoft | Windows Rt 8.1 | All | All | All | All |
Operating System | Microsoft | Windows Rt 8.1 | All | All | All | All |
Operating System | Microsoft | Windows Server 2008 | All | sp2 | All | All |
Operating System | Microsoft | Windows Server 2008 | r2 | sp1 | All | All |
Operating System | Microsoft | Windows Server 2008 | All | sp2 | All | All |
Operating System | Microsoft | Windows Server 2008 | r2 | sp1 | All | All |
Operating System | Microsoft | Windows Server 2012 | - | All | All | All |
Operating System | Microsoft | Windows Server 2012 | r2 | All | All | All |
Operating System | Microsoft | Windows Server 2012 | - | All | All | All |
Operating System | Microsoft | Windows Server 2012 | r2 | All | All | All |
Operating System | Microsoft | Windows Vista | All | sp2 | All | All |
Operating System | Microsoft | Windows Vista | All | sp2 | All | All |
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE