Описание
The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "DirectX Elevation of Privilege Vulnerability."
Ссылки
- Third Party AdvisoryVDB Entry
- MitigationPatchVendor Advisory
- Third Party AdvisoryVDB Entry
- MitigationPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00658
Низкий
7 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-281
Связанные уязвимости
CVSS3: 7
github
около 3 лет назад
The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "DirectX Elevation of Privilege Vulnerability."
EPSS
Процентиль: 70%
0.00658
Низкий
7 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-281