Back to KEVs

CVE-2016-7255

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold...

Basic Information

CVE State
PUBLISHED
Reserved Date
September 09, 2016
Published Date
November 10, 2016
Last Updated
February 10, 2025
Vendor
n/a
Product
n/a
Description
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

CVSS Scores

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2021-11-03 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2017-04-15 01:46:52 UTC) Source

References

http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html https://github.com/mwrlabs/CVE-2016-7255 https://www.exploit-db.com/exploits/40823/ https://www.exploit-db.com/exploits/41015/ https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/ https://www.exploit-db.com/exploits/40745/ http://www.securitytracker.com/id/1037251 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135 http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/ http://www.securityfocus.com/bid/94064 https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

homjxi0e/CVE-2016-7255

Type: github • Created: 2017-04-15 01:46:52 UTC • Stars: 0

FSecureLABS/CVE-2016-7255

Type: github • Created: 2017-03-02 23:32:08 UTC • Stars: 81

An exploit for CVE-2016-7255 on Windows 7/8/8.1/10(pre-anniversary) 64 bit

heh3/CVE-2016-7255

Type: github • Created: 2017-01-13 15:49:58 UTC • Stars: 3