CVE-2014-4076

EPSS 22.7%

Vexday Risk Score

43Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS —EPSS 22.7%KEV nãoPoC públicaNuclei —Metasploit simPatch referenciado

Lifecycle

11 Nov 2014Metasploit module available

11 Nov 2014Published on NVD

29 Jan 2015Public PoC

Recommendation: Plan a near-term fix — a public PoC already exists.

Who exploits it — 1

Groups known to exploit this vulnerability (MITRE ATT&CK attribution).

APT / StateAPT28Rússia

Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."

Affected products

n/a · n/a

public PoCs found — 5

githubgithub.com/fungoshacks/CVE-2014-4076★ 0 cve_referencewww.exploit-db.com/exploits/37755/unverified cve_referencewww.exploit-db.com/exploits/35936unverified exploitdbwww.exploit-db.com/exploits/35936unverified exploitdbwww.exploit-db.com/exploits/37755unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-070 https://www.exploit-db.com/exploits/37755/http://www.exploit-db.com/exploits/35936 http://www.osvdb.org/114532 http://www.securityfocus.com/bid/70976