← back
CVE-2017-0101

CVE-2017-0101

CVSS 7.8 HIGHEPSS 57.5%● KEVCWE-119
In short

A flaw in Windows kernel drivers allows a local user to run malicious code with system-level privileges. An attacker needs to already have access to the computer and can exploit this to take complete control.

Technical detail

The vulnerability exists in the Transaction Manager kernel-mode drivers across multiple Windows versions, allowing local attackers to achieve privilege escalation through a crafted application. The attack requires local code execution capability and results in elevation to kernel-level privileges, enabling full system compromise.

Summary generated and translated by AI from the official description.
The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Microsoft Corporation · Windows
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44479/unverifiedexploitdbwww.exploit-db.com/exploits/44479unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-0101https://www.exploit-db.com/exploits/44479/http://www.securityfocus.com/bid/96625http://www.securitytracker.com/id/1038013