CVE-2015-1769

CVE Database · CVE-2015-1769

CVE-2015-1769

· MEDIUMAnalyzed

CVSS v3.1

6.6

EPSS

4.34%

Published

Aug 14, 2015

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2022-05-25 · Due: 2022-06-15

Apply updates per vendor instructions.

Public PoC / Exploit (2)

All weaponized →

TrickestTrickest PoC index GitHub PoCint0/CVE-2015-1769★1

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles symlinks, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Mount Manager Elevation of Privilege Vulnerability."

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-264

Affected Products (12)

microsoft · windows_10vulnerable

microsoft · windows_7vulnerable

microsoft · windows_8vulnerable

microsoft · windows_8.1vulnerable

microsoft · windows_rtvulnerable

microsoft · windows_rt_8.1vulnerable

microsoft · windows_server_2008vulnerable