KEVIntel
Back to KEVs
8.2
CVSS
High

CVE-2015-2546

PUBLISHED

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server...

Exploited in the wild Used in malware Low complexity
Vendor
Microsoft
Product
Windows
Published
Sep 09, 2015
EPSS

Description

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2511, CVE-2015-2517, and CVE-2015-2518.

windows cisa malware ransomware

CVSS scores

CVSS v3.1 8.2 High

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CVSS v2.0 6.9

AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitation status

Exploited in the wild

Recorded 2022-03-15 00:00:00 UTC · Source

Used in malware

Recorded 2022-03-15 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Mar 15, 2022

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

k0keoyo/CVE-2015-2546-Exploit

github · Created 2017-05-25 14:20:34 UTC · 22 stars

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Exploit Used in Malware

  • Added to KEVIntel