CVE-2013-3660CISA KEVEPSS p98.4%

CVE-2013-3660Microsoft Win32k Privilege Escalation Vulnerability

Microsoft / Win32k

Description

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.

Scoring

EPSS39.58% probability of exploitation · percentile 98.4% · 2026-06-19T12:03:05Z

CISA KEV entry

Added to KEV: 2022-03-28

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft Win32k Privilege Escalation Vulnerabilitykev-cve-2013-36600%live
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.