High severity7.8NVD Advisory· Published Oct 3, 2017· Updated May 13, 2026

CVE-2015-7359

Description

The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level and gain access to other users' mounted encrypted volumes.

Affected products

Ciphershed/Ciphershed
cpe:2.3:a:ciphershed:ciphershed:*:*:*:*:*:*:*:*
Range: <=0.7.5.0
Idrix/Veracrypt
cpe:2.3:a:idrix:veracrypt:*:*:*:*:*:*:*:*
Range: <=1.14
Truecrypt/Truecrypt
cpe:2.3:a:truecrypt:truecrypt:7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.htmlnvdThird Party AdvisoryVDB Entry
www.openwall.com/lists/oss-security/2015/09/22/7nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2015/09/24/3nvdIssue TrackingMailing ListThird Party Advisory
code.google.com/p/google-security-research/issues/detailnvdIssue TrackingThird Party Advisory
veracrypt.codeplex.com/wikipagenvdRelease NotesVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000