Unrated severityNVD Advisory· Published Sep 9, 2015· Updated Jun 17, 2026

CVE-2015-2524

Description

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows Task Management Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2528.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Microsoft/Windows 10 1909
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
Microsoft/Windows 82 versions
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
- (no CPE)
Microsoft/Windows 8.12 versions
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
- (no CPE)
Microsoft/Windows Rt 8.12 versions
cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
Microsoft/Windows Server 20123 versions
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
- (no CPE)
Microsoft/Windows RTllm-fuzzy
Microsoft/Windows 10llm-fuzzy

Patches

Vulnerability mechanics

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-102nvdPatchVendor Advisory
www.exploit-db.com/exploits/38202/nvdExploitThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1033494nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000