CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-2524

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows Task Management Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2528.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.113

EPSS Ranking 93.1%

CVSS Severity

CVSS v2 Score 7.2

References

Products affected by CVE-2015-2524

Microsoft » Windows 10 » Version: N/A

cpe:2.3:o:microsoft:windows_10:-
Microsoft » Windows 8.1 » Version: N/A

cpe:2.3:o:microsoft:windows_8.1:-
Microsoft » Windows 8 » Version: N/A

cpe:2.3:o:microsoft:windows_8:-
Microsoft » Windows Rt » Version: N/A

cpe:2.3:o:microsoft:windows_rt:-
Microsoft » Windows Rt 8.1 » Version: N/A

cpe:2.3:o:microsoft:windows_rt_8.1:-
Microsoft » Windows Server 2012 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2012:-
Microsoft » Windows Server 2012 » Version: r2

cpe:2.3:o:microsoft:windows_server_2012:r2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-2524

Products

Pricing

Contact Us