Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."
Published 2015-04-21 10:59:00
Updated 2025-02-10 18:15:22
View at NVD,   CVE.org
Vulnerability category: Gain privilege

Products affected by CVE-2015-1701

CVE-2015-1701 is in the CISA Known Exploited Vulnerabilities Catalog

This issue is known to have been leveraged as part of a ransomware campaign.
CISA vulnerability name:
Microsoft Win32k Privilege Escalation Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2015-1701
Added on 2022-03-03 Action due date 2022-03-24

Exploit prediction scoring system (EPSS) score for CVE-2015-1701

34.74%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2015-1701

  • Windows ClientCopyImage Win32k Exploit
    Disclosure Date: 2015-05-12
    First seen: 2020-04-26
    exploit/windows/local/ms15_051_client_copy_image
    This module exploits improper object handling in the win32k.sys kernel mode driver. This module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64. Authors: - Unknown - hfirefox - OJ Reeves - Spencer McIn

CVSS scores for CVE-2015-1701

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
7.2
HIGH AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
NIST
7.8
HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.8
5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 2025-02-10
7.8
HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.8
5.9
NIST 2024-07-16

References for CVE-2015-1701

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!