CVE-2015-1769

MEDIUM KEV

Microsoft Windows 10 - Access Control

Title source: rule

Description

Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles symlinks, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Mount Manager Elevation of Privilege Vulnerability."

Exploits (1)

nomisec WORKING POC 3 stars

by int0 · poc

https://github.com/int0/CVE-2015-1769

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://blogs.technet.com/b/srd/archive/2015/08/11/defending-against-cve-2015-1769-a-logical-issue-exploited-via-a-malicious-usb-stick.aspx

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1033244

[Patch, Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-085

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1769

Scores

CVSS v3 6.6

EPSS 0.3179

EPSS Percentile 96.7%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

CISA KEV 2022-05-25

VulnCheck KEV 2015-08-11

InTheWild.io 2015-08-11

ENISA EUVD EUVD-2015-1899

Classification

CWE

CWE-264

Status draft

Affected Products (12)

microsoft/windows_10

microsoft/windows_7

microsoft/windows_8

microsoft/windows_8.1

microsoft/windows_rt

microsoft/windows_rt_8.1

microsoft/windows_server_2008

microsoft/windows_server_2008

microsoft/windows_server_2008

microsoft/windows_server_2012

microsoft/windows_server_2012

microsoft/windows_vista

Timeline

Published Aug 15, 2015

KEV Added May 25, 2022

Tracked Since Feb 18, 2026