Elevation of Privilege Vulnerability in Microsoft Windows Products
CVE-2015-2365

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2003 Server; Windows Rt; Windows 8.1; Windows Server 2008
Vendor: CVE Published:; 14 July 2015

Summary

The elevation of privilege vulnerability in win32k.sys allows local users to gain elevated access rights on multiple Microsoft Windows operating systems. By executing a specially crafted application, attackers can exploit this vulnerability to manipulate system processes, thereby compromising the integrity and security of the affected systems. This vulnerability impacts several versions of Windows, making it critical for users and organizations to implement the recommended security updates provided by Microsoft to mitigate potential risks.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securitytracker.com/id/1032904

vdb-entryx_refsource_SECTRACK

https://www.exploit-db.com/exploits/38267/

exploitx_refsource_EXPLOIT-DB

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 14, 2015
Vulnerability Reserved
Mar 19, 2015