KEVIntel
Back to KEVs
7.8
CVSS
High

CVE-2017-0101

PUBLISHED

The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows...

Exploited in the wild Used in malware Low complexity
Vendor
Microsoft Corporation
Product
Windows
Published
Mar 17, 2017
EPSS

Description

The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

windows cisa malware ransomware microsoft

CVSS scores

CVSS v3.1 7.8 High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2.0 6.8

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitation status

Exploited in the wild

Recorded 2022-03-15 00:00:00 UTC · Source

Used in malware

Recorded 2022-03-15 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Mar 15, 2022

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Exploit Used in Malware

  • Added to KEVIntel