CVE-2019-1010208

CVE-2019-1010208 affects Veracrypt/NT Driver (veracrypt.sys) and prior Truecrypt/IDRIX implementations. Root cause: Buffer Overflow in the Veracrypt NT Driver leading to information disclosure on the kernel stack. Impact stated as partial kernel stack information disclosure; attack vector is loca...

CVE-2019-19501

VeraCrypt 1.24 is affected by a Local Privilege Escalation via VeraCryptExpander.exe. The issue arises when an elevated process opens a browser homepage, enabling an attacker with limited admin privileges to hijack registry keys in HKCU (for multiple browsers) and run a malicious script, ultimate...

CVE-2015-7358

CVE-2015-7358 affects TrueCrypt 7.0, VeraCrypt (before 1.15), and CipherShed; the IsDriveLetterAvailable check in the Windows driver (Driver/Ntdriver.c) fails to validate drive-letter symbolic links, enabling a local attacker to remap a system drive and gain full privileges via the GLOBAL?? entry...

CVE-2015-7359

CVE-2015-7359 concerns the Windows kernel driver in TrueCrypt 7.0, VeraCrypt (before 1.15), and CipherShed. The flaw: IsVolumeAccessibleByCurrentUser and MountDevice do not validate the impersonation level of tokens, allowing local users to impersonate a user at SecurityIdentify level and access ...

CVE-2016-1281

The CVE-2016-1281 entry describes an untrusted search path/DLL hijacking vulnerability in installers for TrueCrypt 7.2 and 7.1a , and VeraCrypt before 1.17-BETA (and possibly other products). The issue allows local users to execute arbitrary code with administrator privileges by placing a Trojan ...