⚠ Actively exploited
Added to CISA KEV on 2022-05-25. Federal agencies required to patch by 2022-06-15. Required action: Apply updates per vendor instructions..

CVE-2015-1769Microsoft Windows Server 2008 vulnerability

CWE-2648 documents6 sources
Severity
6.6MEDIUMNVD
EPSS
31.8%
top 3.19%
CISA KEV
KEV
Added 2022-05-25
Due 2022-06-15
Exploit
Exploited in wild
Active exploitation observed
Affected products
2
Microsoft Windows Server 2008Microsoft Windows Server 2012
Timeline
PublishedAug 15
KEV addedMay 25
KEV dueJun 15
CISA Required Action: Apply updates per vendor instructions.

Description

Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles symlinks, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Mount Manager Elevation of Privilege Vulnerability."

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 0.7 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: docs.microsoft.comPatch: docs.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-fj6j-88c7-c8gx: Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 82022-05-14
VulnCheck
Microsoft Windows Mount Manager Privilege Escalation Vulnerability2015

📋Vendor Advisories

1
CISA
Microsoft Windows Mount Manager Privilege Escalation Vulnerability2022-05-25

🕵️Threat Intelligence

4
Talos
Microsoft Patch Tuesday - August 20152015-08-11
Krebs
Adobe, MS Push Patches, Oracle Drops Drama2015-08-11
Talos
Microsoft Patch Tuesday - August 20152015-08-11
Krebs
Adobe, MS Push Patches, Oracle Drops Drama – Krebs on Security2015-08-01