Back to KEVs

CVE-2017-0213

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2,...

Basic Information

CVE State
PUBLISHED
Reserved Date
September 09, 2016
Published Date
May 12, 2017
Last Updated
February 10, 2025
Vendor
Microsoft Corporation
Product
Windows COM
Description
Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.

CVSS Scores

CVSS v3.1

7.3 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2022-03-28 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2022-01-29 00:36:46 UTC) Source
Used in Malware
Yes (added 2022-03-28 00:00:00 UTC) Source

References

http://www.securityfocus.com/bid/98102 https://www.exploit-db.com/exploits/42020/ http://www.securitytracker.com/id/1038457 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0213

Known Exploited Vulnerability Information

Source Added Date
CISA 2022-03-28 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

Anonymous-Family/CVE-2017-0213

Type: github • Created: 2022-01-29 00:36:46 UTC • Stars: 0

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.

eonrickity/CVE-2017-0213

Type: github • Created: 2018-04-10 18:34:17 UTC • Stars: 13

Fixed No Virus Manual Automatic Loader exe no zip because zip picks up the anti virus detector.

jbooz1/CVE-2017-0213

Type: github • Created: 2018-03-21 04:13:29 UTC • Stars: 1

A version of CVE-2017-0213 that I plan to use with an Empire stager

zcgonvh/CVE-2017-0213

Type: github • Created: 2017-07-01 16:07:04 UTC • Stars: 57

CVE-2017-0213 for command line

shaheemirza/CVE-2017-0213-

Type: github • Created: 2017-06-29 18:49:44 UTC • Stars: 0