Lucene search

MitreCVE-2015-7358

HistoryOct 03, 2017 - 1:29 a.m.

CVE-2015-7358

2017-10-0301:29:00

CWE-264

mitre

web.nvd.nist.gov

cve-2015-7358

isdriveletteravailable

truecrypt

veracrypt

ciphershed

ntdriver.c

drive letter symbolic links

encrypted volume

global directory

privilege escalation

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

26.0%

JSON

The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges via an entry in the /GLOBAL?? directory.

Affected configurations

Nvd

Node

ciphershedciphershedRange≤0.7.5.0

idrixveracryptRange≤1.14

truecrypttruecryptMatch7.0

AND

microsoftwindows

VendorProductVersionCPE
ciphershedciphershed*cpe:2.3:a:ciphershed:ciphershed:*:*:*:*:*:*:*:*
idrixveracrypt*cpe:2.3:a:idrix:veracrypt:*:*:*:*:*:*:*:*
truecrypttruecrypt7.0cpe:2.3:a:truecrypt:truecrypt:7.0:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ciphershed	ciphershed	*	cpe:2.3:a:ciphershed:ciphershed::::::::
idrix	veracrypt	*	cpe:2.3:a:idrix:veracrypt::::::::
truecrypt	truecrypt	7.0	cpe:2.3:a:truecrypt:truecrypt:7.0:::::::*
microsoft	windows	*	cpe:2.3:o:microsoft:windows::::::::

References

packetstormsecurity.com/files/133878/Truecrypt-7-Derived-Code-Windows-Drive-Letter-Symbolic-Link-Creation-Privilege-Escalation.html

www.openwall.com/lists/oss-security/2015/09/22/7

www.openwall.com/lists/oss-security/2015/09/24/3

code.google.com/p/google-security-research/issues/detail?id=538

veracrypt.codeplex.com/wikipage?title=Release%20Notes

www.exploit-db.com/exploits/38403/

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

26.0%

JSON

Related for CVE-2015-7358