Medium severity5.3NVD Advisory· Published May 12, 2017· Updated May 13, 2026

CVE-2017-0241

Description

An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of the Internet Zone, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0233.

Affected products

Microsoft/Edge2 versions
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
- (no CPE)
Microsoft Corporation/Microsoft Edgev5
Range: Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0241nvdPatchVendor Advisory
www.securityfocus.com/bid/98208nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.012
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000