CVE-2016-3225
72Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 43%
from disclosure to weapon844 days
Published on NVDJun 16
1st PoC+844d
metasploitJan 16
VulnCheck+715d
exploitation probability
43%top 1% of all CVEs
observed exploitation
yesVulnCheck
3 public exploit(s)
The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application that forwards an authentication request to an unintended service, aka "Windows SMB Server Elevation of Privilege Vulnerability."
Affected products
n/a · n/apublic PoCs found — 3
cve_referencewww.exploit-db.com/exploits/45562/unverifiedexploitdbwww.exploit-db.com/exploits/45562unverifiedvulncheckvulncheck.com/xdb/d3e5abe2a86aunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.