Skip to main content

Truecrypt

4 CVEs product

Monthly

CVE-2019-1010208 LOW PATCH Monitor

IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracrypt), all versions (Truecrypt) is affected by: Buffer Overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Truecrypt Veracrypt
NVD GitHub
CVSS 3.0
3.3
EPSS
0.5%
CVE-2015-7359 HIGH This Week

The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Ciphershed Veracrypt Truecrypt
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2015-7358 HIGH POC This Week

The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Privilege Escalation Ciphershed Veracrypt Truecrypt
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.9%
CVE-2016-1281 HIGH POC PATCH This Week

Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Truecrypt Veracrypt
NVD VulDB
CVSS 3.0
7.8
EPSS
0.2%
EPSS 0% CVSS 3.3
LOW PATCH Monitor

IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracrypt), all versions (Truecrypt) is affected by: Buffer Overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Truecrypt +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Ciphershed +2
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Privilege Escalation Ciphershed +2
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Truecrypt Veracrypt
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy