CVE-2015-7965

Name: CVE-2015-7965
Creator: NVD / NIST
Published: 2018-03-02T22:29:00.673+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.40%

Last modified Jun 17, 2026

CVE-2015-7965 is a vulnerability of currently unknown severity. SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966.. EPSS estimates a 0.40% chance of exploitation in the next 30 days.

Description

SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966.

Metrics

EPSS Probability

0.40%

32.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-264

Affected Software

Vendor	Product	Versions
Gemalto	Safenet Authentication Service Windows Logon Agent	All versions

References

https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/Third Party Advisory
https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdfPatch, Third Party Advisory
https://safenet.gemalto.com/technical-support/security-updates/Vendor Advisory
https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/Third Party Advisory
https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdfPatch, Third Party Advisory
https://safenet.gemalto.com/technical-support/security-updates/Vendor Advisory

Timeline

Published: Mar 2, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2015-7965?

How severe is CVE-2015-7965?

Severity scoring for CVE-2015-7965 is pending analysis. The EPSS model estimates a 0.40% probability of exploitation in the next 30 days.

How do I fix CVE-2015-7965?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-7965?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST