CVE-2013-3660
Microsoft Win32k Privilege Escalation Vulnerability
CVSS
—
No CVSS
EPSS
39.6%
p98
KEV
YES
Mar 28, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
39.6%EPSS · 30 days39.6%
2026-06-302026-07-16
Product
Microsoft / Win32k
Vulnerability
Microsoft Win32k Privilege Escalation Vulnerability
Added to KEV
Mar 28, 2022
Remediate by
Apr 18, 2022
Known ransomware use
No
Summary description
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2013-3660
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2014-4113—99.7%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2016-7255—99.6%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2021-1732—99.5%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2019-1458—99.4%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2018-8120—99.4%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2018-8453—99.3%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—