← back
CVE-2016-3225observed exploitation

CVE-2016-3225

72Vexday Risk Score

Patch now. It exploitation observed by VulnCheck and has a working public exploit.

ssvc Actepss 43%
from disclosure to weapon844 days
Published on NVDJun 16
1st PoC+844d
metasploitJan 16
VulnCheck+715d
exploitation probability
43%top 1% of all CVEs
observed exploitation
yesVulnCheck
3 public exploit(s)
The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application that forwards an authentication request to an unintended service, aka "Windows SMB Server Elevation of Privilege Vulnerability."
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.