cve-2015-7359
Vulnerability from cvelistv5
Published
2017-10-02 19:00
Modified
2024-08-06 07:43
Severity ?
Summary
The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level and gain access to other users' mounted encrypted volumes.
References
cve@mitre.orghttp://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.htmlThird Party Advisory, VDB Entry
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2015/09/22/7Mailing List, Third Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2015/09/24/3Issue Tracking, Mailing List, Third Party Advisory
cve@mitre.orghttps://code.google.com/p/google-security-research/issues/detail?id=537Issue Tracking, Third Party Advisory
cve@mitre.orghttps://veracrypt.codeplex.com/wikipage?title=Release%20NotesRelease Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2015/09/22/7Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2015/09/24/3Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://code.google.com/p/google-security-research/issues/detail?id=537Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://veracrypt.codeplex.com/wikipage?title=Release%20NotesRelease Notes, Vendor Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:43:46.348Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/google-security-research/issues/detail?id=537"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://veracrypt.codeplex.com/wikipage?title=Release%20Notes"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.html"
          },
          {
            "name": "[oss-security] 20150924 Re: CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/09/24/3"
          },
          {
            "name": "[oss-security] 20150922 CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/09/22/7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level and gain access to other users\u0027 mounted encrypted volumes."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-02T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://code.google.com/p/google-security-research/issues/detail?id=537"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://veracrypt.codeplex.com/wikipage?title=Release%20Notes"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.html"
        },
        {
          "name": "[oss-security] 20150924 Re: CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/09/24/3"
        },
        {
          "name": "[oss-security] 20150922 CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/09/22/7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7359",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level and gain access to other users\u0027 mounted encrypted volumes."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://code.google.com/p/google-security-research/issues/detail?id=537",
              "refsource": "MISC",
              "url": "https://code.google.com/p/google-security-research/issues/detail?id=537"
            },
            {
              "name": "https://veracrypt.codeplex.com/wikipage?title=Release%20Notes",
              "refsource": "CONFIRM",
              "url": "https://veracrypt.codeplex.com/wikipage?title=Release%20Notes"
            },
            {
              "name": "http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.html"
            },
            {
              "name": "[oss-security] 20150924 Re: CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/09/24/3"
            },
            {
              "name": "[oss-security] 20150922 CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/09/22/7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-7359",
    "datePublished": "2017-10-02T19:00:00",
    "dateReserved": "2015-09-24T00:00:00",
    "dateUpdated": "2024-08-06T07:43:46.348Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-7359\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-03T01:29:00.763\",\"lastModified\":\"2024-11-21T02:36:38.747\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level and gain access to other users\u0027 mounted encrypted volumes.\"},{\"lang\":\"es\",\"value\":\"Los m\u00e9todos (1) IsVolumeAccessibleByCurrentUser y (2) MountDevice en Ntdriver.c en TrueCrypt 7.0; VeraCrypt, en versiones anteriores a la 1.15; y CipherShed, cuando se ejecutan en Windows, no comprueban el nivel de suplantaci\u00f3n de los tokens de suplantaci\u00f3n, lo que permite que los usuarios locales suplanten a un usuario a nivel de SecurityIdentify y obtengan acceso a los vol\u00famenes cifrados montados de otros usuarios.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ciphershed:ciphershed:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.7.5.0\",\"matchCriteriaId\":\"3D960C67-AE15-4CA6-8421-AAD0AEB18E29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:idrix:veracrypt:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.14\",\"matchCriteriaId\":\"95F04B78-6A14-4F91-81DA-BF22FC44F692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:truecrypt:truecrypt:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F9FC5F7-6BCB-4F28-BB8F-C8A5C77662DC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/09/22/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/09/24/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://code.google.com/p/google-security-research/issues/detail?id=537\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://veracrypt.codeplex.com/wikipage?title=Release%20Notes\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/09/22/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/09/24/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://code.google.com/p/google-security-research/issues/detail?id=537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://veracrypt.codeplex.com/wikipage?title=Release%20Notes\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.