{"uuid": "4c98b642-027b-4b89-b7d2-1bdd711ac36a", "vulnerability": {"vulnId": "CVE-2016-0099", "altId": []}, "gcve": {"origin_uuid": "405284c2-e461-4670-8979-7fd2c9755a60", "object_uuid": "4c98b642-027b-4b89-b7d2-1bdd711ac36a"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2022-03-03T00:00:00+00:00"}, "characteristics": {}, "timestamps": {"asserted_at": "2022-03-03T00:00:00Z", "recorded_at": "2026-02-02T13:24:01Z", "first_seen_at": "2022-03-03T00:00:00Z"}, "scope": {"notes": "KEV entry: Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability | Affected: Microsoft / Windows | Description: A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator. | Required action: Apply updates per vendor instructions. | Due date: 2022-03-24 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2016-0099"}, "evidence": [{"type": "vendor_report", "source": "cisa-kev", "signal": "successful_exploitation", "confidence": 0.8, "details": {"cwes": ["CWE-264"], "feed": "CISA Known Exploited Vulnerabilities Catalog", "product": "Windows", "due_date": "2022-03-24", "date_added": "2022-03-03", "vendorProject": "Microsoft", "vulnerabilityName": "Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability", "knownRansomwareCampaignUse": "Known"}}], "references": [{"id": "CVE-2016-0099", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-0099"}]}