{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-03-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-09T17:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "36392", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/36392/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html"}, {"name": "79623", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/79623"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-2291", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "36392", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/36392/"}, {"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr", "refsource": "CONFIRM", "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr"}, {"name": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html"}, {"name": "79623", "refsource": "BID", "url": "http://www.securityfocus.com/bid/79623"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:10:15.716Z"}, "title": "CVE Program Container", "references": [{"name": "36392", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/36392/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html"}, {"name": "79623", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/79623"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2015-2291", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-04T21:03:06.871246Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2023-02-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2015-2291"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T21:05:09.237Z"}}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-2291", "datePublished": "2017-08-09T18:00:00.000Z", "dateReserved": "2015-03-13T00:00:00.000Z", "dateUpdated": "2025-02-04T21:05:09.237Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.exploit-db.com/exploits/36392/", "name": "36392", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"]}, {"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/79623", "name": "79623", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:10:15.716Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2015-2291", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-04T21:03:06.871246Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2023-02-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2015-2291"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T21:03:09.611Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-03-14T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/36392/", "name": "36392", "tags": ["exploit", "x_refsource_EXPLOIT-DB"]}, {"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html", "tags": ["x_refsource_MISC"]}, {"url": "http://www.securityfocus.com/bid/79623", "name": "79623", "tags": ["vdb-entry", "x_refsource_BID"]}], "descriptions": [{"lang": "en", "value": "(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2017-08-09T17:57:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://www.exploit-db.com/exploits/36392/", "name": "36392", "refsource": "EXPLOIT-DB"}, {"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr", "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr", "refsource": "CONFIRM"}, {"url": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html", "name": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html", "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/79623", "name": "79623", "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-2291", "STATE": "PUBLIC", "ASSIGNER": "cve@mitre.org"}}}}, "cveMetadata": {"cveId": "CVE-2015-2291", "state": "PUBLISHED", "dateUpdated": "2025-02-04T21:05:09.237Z", "dateReserved": "2015-03-13T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2017-08-09T18:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cisaActionDue": "2023-03-03", "cisaExploitAdd": "2023-02-10", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:ethernet_diagnostics_driver_iqvw32.sys:1.03.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "94AFBAC8-D782-4CDC-B961-0EEAD97DA0A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:ethernet_diagnostics_driver_iqvw64.sys:1.03.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B82125E5-B02D-4021-8D5C-DEB11C87CAFB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call."}, {"lang": "es", "value": "(1) IQVW32.sys en versiones anteriores a la 1.3.1.0 y (2) IQVW64.sys en versiones anteriores a la 1.3.1.0 en el controlador de diagn\u00f3sticos de Intel Ethernet para Windows permite que usuarios locales provoquen una denegaci\u00f3n de servicio o, posiblemente, ejecuten c\u00f3digo arbitrario con privilegios kernel mediante una llamada IOCTL (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F o (d) 0x80862007 manipulada."}], "id": "CVE-2015-2291", "lastModified": "2025-04-03T20:27:51.273", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2017-08-09T18:29:00.933", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry", "Broken Link"], "url": "http://www.securityfocus.com/bid/79623"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/36392/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/130854/Intel-Network-Adapter-Diagnostic-Driver-IOCTL-DoS.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry", "Broken Link"], "url": "http://www.securityfocus.com/bid/79623"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00051&languageid=en-fr"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/36392/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}