Lucene search
AttackerKBAKB:66586765-CBBC-44D5-82CB-A124127EBBD7HistoryApr 14, 2015 - 12:00 a.m.
DosDevices Impersonation Process Creation Elevation of Privilege
2015-04-1400:00:00
attackerkb.com
31
0.0004 Low
EPSS
Percentile
16.1%
The fix for CVE-2015-1644 doesn’t take into account process creation scenarios. If a process is created by a system service while impersonating another user their per-user drive mappings will still be used which could lead to EoP.
Recent assessments:
busterb at May 09, 2019 5:57pm UTC reported:
No known exploitable services in the wild
Assessed Attacker Value: 1
Assessed Attacker Value: 1Assessed Attacker Value: 4
Related
checkpoint_advisories
checkpoint_advisories
prion
prion
Design/Logic Flaw
2015-04-14 20:59:00
cvelist
cvelist
CVE-2015-1644
2015-04-14 20:00:00
symantec
symantec
Microsoft Windows CVE-2015-1644 Remote Privilege Escalation Vulnerability
2015-04-14 00:00:00
exploitpack
exploitpack
nvd
nvd
CVE-2015-1644
2015-04-14 20:59:07
cve
cve
CVE-2015-1644
2015-04-14 20:59:07
exploitdb
exploitdb
nessus
nessus
seebug
seebug
openvas
openvas
Microsoft Windows Privilege Elevation Vulnerabilities (3049576)
2015-04-15 00:00:00
kaspersky
kaspersky
KLA10559 Privileges escalation in Microsoft products
2015-04-14 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-04-16 00:00:00