CVE-2015-6175
published 2015-12-09CVE-2015-6175: The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege…
PriorityP277high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-06-15
Exploited in the wild
EPSS
5.17%
91.4th percentile
The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability."
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vulncheck7.8HIGH
cisa7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA
Microsoft Windows Kernel Privilege Escalation Vulnerability
cisa·2022-05-25·CVSS 7.8
CVE-2015-6175 [HIGH] CWE-264 Microsoft Windows Kernel Privilege Escalation Vulnerability
Vulnerability: Microsoft Windows Kernel Privilege Escalation Vulnerability
Affected: Microsoft Windows
The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-6175
Remediation Due Date: 2022-06-15
VulDB
Microsoft Windows 10 Kernel access control (MS15-135 / EUVD-2015-6118)
vuldb·2026-04-23·CVSS 7.8
CVE-2015-6175 [HIGH] Microsoft Windows 10 Kernel access control (MS15-135 / EUVD-2015-6118)
A vulnerability categorized as problematic has been discovered in Microsoft Windows 10. The affected element is an unknown function of the component Kernel. Such manipulation leads to improper access controls.
This vulnerability is traded as CVE-2015-6175. The attack may be launched remotely. Furthermore, there is an exploit available.
A patch should be applied to remediate this issue.
GHSA
GHSA-4r4r-223f-8hjj: The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privi
ghsa_unreviewed·2022-05-14
CVE-2015-6175 [HIGH] GHSA-4r4r-223f-8hjj: The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privi
The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability."
VulnCheck
Microsoft Windows Kernel Privilege Escalation Vulnerability
vulncheck·2015·CVSS 7.8
CVE-2015-6175 [HIGH] CWE-264 Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows Kernel Privilege Escalation Vulnerability
The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.
Affected: Microsoft Windows
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2022-06-15
No detection rules found.
No public exploits indexed.
http://www.securitytracker.com/id/1034334https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-135http://www.securitytracker.com/id/1034334https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-135https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-6175
2015-12-09
Published
2022-05-25
Added to CISA KEV
Exploited in the wild