ID

VAR-201611-0235


CVE

CVE-2016-7225


TITLE

Microsoft Windows 10 and Windows Server 2016 Privilege Escalation Vulnerability in Virtual Hard Disk Driver

Trust: 0.8

sources: JVNDB: JVNDB-2016-005808

DESCRIPTION

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability.". According to Microsoft security bulletins, this vulnerability VHD Driver Elevation of Privilege Vulnerability ”. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through a specially crafted application. Microsoft Windows is a series of operating systems released by Microsoft Corporation of the United States. A local attacker can exploit this issue to run processes with elevated privileges

Trust: 2.43

sources: NVD: CVE-2016-7225 // JVNDB: JVNDB-2016-005808 // CNVD: CNVD-2016-11026 // BID: 94016

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-11026

AFFECTED PRODUCTS

vendor:microsoftmodel:windows 10scope:eqversion:1511

Trust: 1.6

vendor:microsoftmodel:windows 10scope:eqversion:1607

Trust: 1.6

vendor:microsoftmodel:windows server 2016scope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows 10scope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows 10scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1511 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1511 for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1607 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1607 for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows server 2016scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows server 2016scope:eqversion:for x64-based systems (server core install )

Trust: 0.8

vendor:microsoftmodel:windowsscope:eqversion:10

Trust: 0.6

vendor:microsoftmodel:windowsscope:eqversion:101511

Trust: 0.6

vendor:microsoftmodel:windowsscope:eqversion:101607

Trust: 0.6

vendor:microsoftmodel:windows serverscope:eqversion:2016

Trust: 0.6

vendor:microsoftmodel:windows server for x64-based systemsscope:eqversion:20160

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1016070

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1016070

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1015110

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1015110

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systemsscope:eqversion:100

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systemsscope:eqversion:100

Trust: 0.3

sources: CNVD: CNVD-2016-11026 // BID: 94016 // JVNDB: JVNDB-2016-005808 // CNNVD: CNNVD-201611-172 // NVD: CVE-2016-7225

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7225
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-7225
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2016-11026
value: LOW

Trust: 0.6

CNNVD: CNNVD-201611-172
value: LOW

Trust: 0.6

nvd@nist.gov: CVE-2016-7225
severity: LOW
baseScore: 3.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-11026
severity: LOW
baseScore: 3.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2016-7225
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 4.2
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-11026 // JVNDB: JVNDB-2016-005808 // CNNVD: CNNVD-201611-172 // NVD: CVE-2016-7225

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2016-005808 // NVD: CVE-2016-7225

THREAT TYPE

local

Trust: 0.9

sources: BID: 94016 // CNNVD: CNNVD-201611-172

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201611-172

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005808

PATCH

title:MS16-138url:https://technet.microsoft.com/en-us/library/security/ms16-138.aspx

Trust: 0.8

title:MS16-138url:https://technet.microsoft.com/ja-jp/library/security/ms16-138.aspx

Trust: 0.8

title:Patch for Microsoft VHD Driver Privilege Escalation Vulnerability (CNVD-2016-11026)url:https://www.cnvd.org.cn/patchInfo/show/83743

Trust: 0.6

title:Microsoft Windows VHD Fixes for driver privilege elevation vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65544

Trust: 0.6

title:Microsoft Windows VHD Fixes for driver privilege elevation vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65396

Trust: 0.6

sources: CNVD: CNVD-2016-11026 // JVNDB: JVNDB-2016-005808 // CNNVD: CNNVD-201611-172

EXTERNAL IDS

db:NVDid:CVE-2016-7225

Trust: 3.3

db:BIDid:94016

Trust: 2.5

db:EXPLOIT-DBid:40764

Trust: 1.0

db:SECTRACKid:1037248

Trust: 1.0

db:JVNDBid:JVNDB-2016-005808

Trust: 0.8

db:CNVDid:CNVD-2016-11026

Trust: 0.6

db:NSFOCUSid:35363

Trust: 0.6

db:CNNVDid:CNNVD-201611-172

Trust: 0.6

sources: CNVD: CNVD-2016-11026 // BID: 94016 // JVNDB: JVNDB-2016-005808 // CNNVD: CNNVD-201611-172 // NVD: CVE-2016-7225

REFERENCES

url:http://www.securityfocus.com/bid/94016

Trust: 1.6

url:http://www.securitytracker.com/id/1037248

Trust: 1.0

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138

Trust: 1.0

url:https://www.exploit-db.com/exploits/40764/

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7225

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20161109-ms.html

Trust: 0.8

url:http://www.jpcert.or.jp/at/2016/at160046.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7225

Trust: 0.8

url:https://technet.microsoft.com/library/security/ms16-138

Trust: 0.6

url:http://technet.microsoft.com/security/bulletin/ms16-138

Trust: 0.6

url:http://www.nsfocus.net/vulndb/35363

Trust: 0.6

url:http://www.microsoft.com/windows/default.mspx

Trust: 0.3

url:http://technet.microsoft.com/en-us/security/bulletin/ms16-138

Trust: 0.3

sources: CNVD: CNVD-2016-11026 // BID: 94016 // JVNDB: JVNDB-2016-005808 // CNNVD: CNNVD-201611-172 // NVD: CVE-2016-7225

CREDITS

James Forshaw of Google Project Zero

Trust: 0.9

sources: BID: 94016 // CNNVD: CNNVD-201611-172

SOURCES

db:CNVDid:CNVD-2016-11026
db:BIDid:94016
db:JVNDBid:JVNDB-2016-005808
db:CNNVDid:CNNVD-201611-172
db:NVDid:CVE-2016-7225

LAST UPDATE DATE

2024-08-14T13:31:57.304000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2016-11026date:2016-11-14T00:00:00
db:BIDid:94016date:2016-11-24T01:08:00
db:JVNDBid:JVNDB-2016-005808date:2016-11-11T00:00:00
db:CNNVDid:CNNVD-201611-172date:2016-11-11T00:00:00
db:NVDid:CVE-2016-7225date:2018-10-12T22:14:16.890

SOURCES RELEASE DATE

db:CNVDid:CNVD-2016-11026date:2016-11-14T00:00:00
db:BIDid:94016date:2016-11-08T00:00:00
db:JVNDBid:JVNDB-2016-005808date:2016-11-11T00:00:00
db:CNNVDid:CNNVD-201611-172date:2016-11-11T00:00:00
db:NVDid:CVE-2016-7225date:2016-11-10T06:59:38.063