Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-2370

CWE-2646 documents6 sources
Severity
7.2HIGH
EPSS
9.7%
top 7.06%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Microsoft Windows 2003 ServerMicrosoft Windows Server 2008Microsoft Windows Server 2012
Timeline
PublishedJul 14
Latest updateMay 14

Description

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability."

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

🔴Vulnerability Details

4
GHSA
GHSA-wmv6-6vx5-3643: The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and2022-05-14
Project0
Windows Exploitation Tricks: Relaying DCOM Authentication - Project Zero2021-10-01
CVEList
CVE-2015-2370: The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and2015-07-14
VulnCheck
Windows RPC Elevation of Privilege Vulnerability2015

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows 8.1 - DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)2015-08-13
CVE-2015-2370 (HIGH CVSS 7.2) | The authentication implementation i | cvebase.io