CVE-2015-7359

Published: 03/10/2017 Updated: 28/06/2021
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt prior to 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level and gain access to other users' mounted encrypted volumes.

Vulnerable Product

truecrypt truecrypt 7.0

ciphershed ciphershed

idrix veracrypt

Recent Articles

Here are the God-mode holes that gave TrueCrypt audit the slip
The Register • Darren Pauli • 29 Sep 2015

Elevation-of-privilege vulnerabilities found in popular encryption system

Google Project Zero hacker James Forshaw has found a pair of privilege-elevation holes in the once-popular TrueCrypt encryption package. The bugs have been patched in spinoff app VeraCrypt, so if you want to stay secure, you may want to shift over to that package. The flaws are not the fabled backdoors feared lurking in the TrueCrypt code, but can be exploited to compromise the machine, install spyware, record password keystrokes, and so on. TrueCrypt development was axed last year after its mys...