Vulnerability Description
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows Task Management Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2524.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 10 | - |
| Microsoft | Windows 7 | - |
| Microsoft | Windows 8 | - |
| Microsoft | Windows 8.1 | - |
| Microsoft | Windows Rt | - |
| Microsoft | Windows Rt 8.1 | - |
| Microsoft | Windows Server 2008 | - |
| Microsoft | Windows Server 2012 | - |
| Microsoft | Windows Vista | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/159109/Microsoft-Windows-CloudExperienceHos
- http://www.securitytracker.com/id/1033494Third Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-10PatchVendor Advisory
- https://www.exploit-db.com/exploits/38201/Third Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/159109/Microsoft-Windows-CloudExperienceHos
- http://www.securitytracker.com/id/1033494Third Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-10PatchVendor Advisory
- https://www.exploit-db.com/exploits/38201/Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-2528?
CVE-2015-2528 is a vulnerability with a CVSS score of 7.2 (HIGH). Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges v...
How severe is CVE-2015-2528?
CVE-2015-2528 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-2528?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 10, Microsoft Windows 7, Microsoft Windows 8, Microsoft Windows 8.1, Microsoft Windows Rt.