Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges via an entry in the /GLOBAL?? directory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TrueCrypt、VeraCrypt和CipherShed 权限许可和访问控制问题漏洞
Vulnerability Description
TrueCrypt、VeraCrypt和CipherShed for Windows都是基于Windows平台的免费、开源的磁盘加密软件。 TrueCrypt 7.0版本、VeraCrypt 1.15之前的版本和CipherShed 0.7.5.0及之前的版本中的Driver/Ntdriver.c文件的IsDriveLetterAvailable方法存在安全漏洞。本地攻击者可利用该漏洞获取提升的权限。
CVSS Information
N/A
Vulnerability Type
N/A