Vulnerability Details : CVE-2015-1674
The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate an unspecified address, which allows local users to bypass the KASLR protection mechanism, and consequently discover the cng.sys base address, via a crafted application, aka "Windows Kernel Security Feature Bypass Vulnerability."
Exploit prediction scoring system (EPSS) score for CVE-2015-1674
Probability of exploitation activity in the next 30 days: 0.16%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 52 %
CVSS scores for CVE-2015-1674
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6 | MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P | 3.9 | 6.4 | NIST |
CWE ids for CVE-2015-1674
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-1674
- http://www.securitytracker.com/id/1032292
  Windows Kernel Memory Address Validation Flaw Lets Local Users Gain Elevated Privileges - SecurityTracker (Third Party Advisory; VDB Entry)
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-052
  Microsoft Security Bulletin MS15-052 - Important | Microsoft Docs (Patch; Vendor Advisory)
- https://www.exploit-db.com/exploits/37052/
  Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass (MS15-052) (Exploit; Third Party Advisory; VDB Entry)
- http://www.securityfocus.com/bid/74488
  Microsoft Windows Kernel CVE-2015-1674 Local Security Bypass Vulnerability (Third Party Advisory; VDB Entry)
Products affected by CVE-2015-1674
- cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*