Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-2527Improper Input Validation in Microsoft Windows Server 2012

CWE-264CWE-20Improper Input Validation5 documents5 sources
Severity
7.2HIGHNVD
EPSS
14.9%
top 5.44%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows Server 2012
Timeline
PublishedSep 9
Latest updateMay 14

Description

The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

Patches

Patch: docs.microsoft.comPatch: docs.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-w6j5-fvc8-44j6: The process-initialization implementation in win32k2022-05-14

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023)2015-09-15

📋Vendor Advisories

1
Red Hat
RHEV: vdsm spice disable-ticketing and VM suspend and restore allows auth bypass2015-09-15

🕵️Threat Intelligence

1
Zscaler
Zscaler detects IE & MS Office Vulnerabilities | 09-09-2015