#Windows Win32K - GRFX

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to execute code on the Hyper-V host execution environment.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?** An authorized attacker with privileges could send controlled inputs to exploit this vulnerability.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges over a network.

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Use after free in Windows GDI allows an unauthorized attacker to elevate privileges over a network.