Vulnerability Details CVE-2015-7965
SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.2%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/
- https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdf
- https://safenet.gemalto.com/technical-support/security-updates/
- https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/
- https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdf
- https://safenet.gemalto.com/technical-support/security-updates/
Products affected by CVE-2015-7965
-
cpe:2.3:a:gemalto:safenet_authentication_service_windows_logon_agent:-