CVE-2015-0016
Published: 13 January 2015
Summary
CVE-2015-0016 is a high-severity Path Traversal (CWE-22) vulnerability in Microsoft Windows Server 2012. Its CVSS base score is 7.8 (High).
Operationally, it is ranked in the top 0.3% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
The vulnerability is a directory traversal flaw in the TS WebProxy (TSWbPrxy) component, tracked as CVE-2015-0016 with CWE-22. It affects Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. The issue permits privilege escalation when a crafted pathname is supplied in an executable file, as demonstrated by an integrity-level transition from Low to Medium.
Remote attackers can exploit the flaw to escape the Internet Explorer sandbox and obtain elevated privileges on the target system. The CVSS 3.1 score of 7.8 reflects a local attack vector, low complexity, no privileges required, and required user interaction, with high impact to confidentiality, integrity, and availability.
Public exploit code and technical analyses have been published, including detailed walkthroughs of the IE sandbox escape technique and proof-of-concept files hosted on Exploit-DB and Packet Storm. Advisories from vendors such as Secunia reference the associated Microsoft bulletin for patch availability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2015-0054
Vulnerability details
Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted pathname in an executable file, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Directory Traversal Elevation of Privilege Vulnerability."
- CWE(s): CWE-22
- KEV Date Added: 25 May 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls (NIST 800-53 r5)
Directly blocks the crafted pathname in the executable file that triggers the directory traversal in TSWbPrxy.
Enforces intended access restrictions on pathnames and integrity levels that the flaw otherwise bypasses to escalate from Low to Medium.
Limits the privileges an attacker can obtain even if the Low-to-Medium integrity transition succeeds via the traversal.