Remote Procedure Call Vulnerability in Microsoft Windows
CVE-2015-2370

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2003 Server; Windows Rt; Windows 8.1; Windows Server 2008
Vendor: CVE Published:; 14 July 2015

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2015-2370?

The vulnerability affects the authentication implementation within the RPC subsystem of various Microsoft Windows operating systems. It allows local users to exploit DCE/RPC connection reflection, potentially leading to unauthorized privilege escalation via a specially crafted application. This weakness can be leveraged by malicious actors to gain elevated rights on affected systems, thereby posing a significant security risk.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2015-2370 - Proof of Concept

References

http://www.securitytracker.com/id/1032907

vdb-entryx_refsource_SECTRACK

https://www.exploit-db.com/exploits/37768/

exploitx_refsource_EXPLOIT-DB

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

9% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jul 14, 2015
👾
Exploit known to exist
Jul 14, 2015
Vulnerability published
Jul 14, 2015
Vulnerability Reserved
Mar 19, 2015

CVE-2015-2370 Data

JSON