Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-0057Microsoft Windows Server 2008 vulnerability

CWE-26412 documents7 sources
Severity
7.2HIGHNVD
EPSS
68.4%
top 1.39%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft Windows Server 2008Microsoft Windows Server 2012
Timeline
PublishedFeb 11
Latest updateMay 14

Description

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

Patches

Patch: docs.microsoft.comPatch: docs.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-75jq-cg34-p7mp: win32k2022-05-14

💥Exploits & PoCs

2
Exploit-DB
Microsoft Windows 8.1 - 'win32k' Local Privilege Escalation (MS15-010)2015-12-18
Exploit-DB
Microsoft Windows - Local Privilege Escalation (MS15-010)2015-05-25

🕵️Threat Intelligence

7
Fortinet
Evasive Sage 2.2 Ransomware Variant Targets More Countries2017-10-29
Fortinet
BlackHat Asia 2016 wraps up2016-04-12
Fortinet
What's cooking? Dridex’s New and Undiscovered Recipes2016-03-23
Talos
Microsoft Patch Tuesday for February 2015: 56 vulnerabilities fixed2015-02-10
Fortinet
One Bit To Rule Them All: Bypassing Windows 10 Protections Using a Single Bit | FortiGuard Labs2015-02-10

📄Research Papers

1
arXiv
On the Effectiveness of Type-based Control Flow Integrity2020-02-14