← back
CVE-2016-0151

CVE-2016-0151

CVSS 7.8 HIGHEPSS 63.2%● KEVCWE-269
In short

A flaw in Windows' Client-Server Run-time Subsystem allows a local user to run a specially crafted application that bypasses security restrictions and gains higher privileges on the system.

Technical detail

CWE-269 (Improper Access Control): The CSRSS component mismanages process tokens, enabling privilege escalation through a local attack vector. Requires local access and execution of a malicious application; impacts confidentiality, integrity, and availability.

Summary generated and translated by AI from the official description.
The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass Vulnerability."
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/39740/unverifiedexploitdbwww.exploit-db.com/exploits/39740unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-048https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0151https://www.exploit-db.com/exploits/39740/http://www.securitytracker.com/id/1035544