CVE-2017-0262

ENISA EUVD: EUVD-2017-0618 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 5, 2026 1 article

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

65.0%

probability

This CVE has a 65.0% probability of being exploited in the next 30 days.

0% Top 98.5th percentile of all CVEs 100%

CVSS v3.1

Source: NVD

7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

Project Zero

Type Confusion in EPS forall operator

Affected Products

Google Project Zero

Patched

May 9, 2017

Reported by

Thomas Dupuy and Jessy Campos of ESET, Genwei Jiang of FireEye, Inc.

Root Cause Analysis

???

3 of 4 Zero-Days Microsoft Patched Yesterday Were Used by Russian Cyberspies

BleepingComputer May 10, 2017

Signal Intelligence

Confidenceⓘ

95%

EPSS 65.0%

CVSS v3.1 7.8

Mentions 1

Last Seen May 10, 2017

CNA Information

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Triage Info

Decided atMar 05, 2026