CVE-2015-6174

Microsoft Windows - Local Privilege Escalation via Crafted Application

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-6174. PoCs published by Nils Sommer.

AI-analyzed exploit summary This exploit triggers a null pointer dereference in Windows 7 32-bit systems, potentially leading to a denial-of-service or privilege escalation if the null page is mappable. The PoC requires multiple executions and system activity to reliably trigger the vulnerability.

Description

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6171 and CVE-2015-6173.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nils Sommer · textdoswindows_x86

https://www.exploit-db.com/exploits/39026

View Code ZIP pw:eip

This exploit triggers a null pointer dereference in Windows 7 32-bit systems, potentially leading to a denial-of-service or privilege escalation if the null page is mappable. The PoC requires multiple executions and system activity to reliably trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Racy

Target: Microsoft Windows 7 32-bit

No auth needed

Prerequisites: Windows 7 32-bit with null page mapping enabled · Multiple executions and system activity

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Patch, Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-135

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1034334

Scores

EPSS 0.0328

EPSS Percentile 86.8%

Details

CWE

CWE-264

Status published

Products (12)

microsoft/windows_10

microsoft/windows_10 1511

microsoft/windows_7

microsoft/windows_8

microsoft/windows_8.1

microsoft/windows_rt

microsoft/windows_rt_8.1

microsoft/windows_server_2008

microsoft/windows_server_2008 r2 sp1 (2 CPE variants)

microsoft/windows_server_2012

... and 2 more

Published Dec 09, 2015

Tracked Since Feb 18, 2026