Local Privilege Escalation Vulnerability in Microsoft Windows Products
CVE-2015-6132

Currently unrated

Key Information:

Vendor
Microsoft
Status
Windows Server 2008
Windows Server 2012
Windows Rt
Windows 10
Vendor
CVE Published:
9 December 2015

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 76%

Summary

This vulnerability exists in various versions of Microsoft Windows due to improper handling of library loading processes. This flaw can be exploited by a local user with access to the system to execute a crafted application, potentially leading to elevated privileges and unauthorized access. It impacts multiple Windows versions including Windows Vista, Windows 7, Windows 8, and Windows 10, exposing systems to risks of executing malicious code that can compromise the integrity and security of the operating system.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2015-6132
Created by hexx0r

References

https://www.exploit-db.com/exploits/38968/
exploitx_refsource_EXPLOIT-DB
http://www.securitytracker.com/id/1034338
vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

76% chance of being exploited in the next 30 days.

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.