Remote Procedure Call Vulnerability in Microsoft Windows
CVE-2015-2370

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows 2003 Server
Windows Rt
Windows 8.1
Windows Server 2008
Vendor
CVE Published:
14 July 2015

What is CVE-2015-2370?

The vulnerability affects the authentication implementation within the RPC subsystem of various Microsoft Windows operating systems. It allows local users to exploit DCE/RPC connection reflection, potentially leading to unauthorized privilege escalation via a specially crafted application. This weakness can be leveraged by malicious actors to gain elevated rights on affected systems, thereby posing a significant security risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1032907
vdb-entryx_refsource_SECTRACK
https://www.exploit-db.com/exploits/37768/
exploitx_refsource_EXPLOIT-DB
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.