CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jun 15, 2022
Description
A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system.
EPSS — Exploit Probability
40.8%
Higher than 97.3% of all CVEs
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2016-3393
Risk Assessment
ELEVATEDIn CISA KEV
Details
- Severity
- High
- EPSS
- 40.8%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 0
Timeline
Published
May 25, 2022
Added to KEV
May 25, 2022
Remediation Due
Jun 15, 2022