Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-4113
HistoryOct 15, 2014 - 10:55 a.m.

CVE-2014-4113

2014-10-1510:55:07
[email protected]
web.nvd.nist.gov
896
In Wild
cve-2014-4113
microsoft windows
server 2003
vista
server 2008
windows 7
windows 8
windows rt
elevation of privilege
nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.677 Medium

EPSS

Percentile

98.0%

JSON

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka β€œWin32k.sys Elevation of Privilege Vulnerability.”

Affected configurations

NVD
Node
microsoftwindows_7Match-sp1
OR
microsoftwindows_8Match-
OR
microsoftwindows_8.1Match-
OR
microsoftwindows_rtMatch-
OR
microsoftwindows_rt_8.1Match-
OR
microsoftwindows_server_2003Match-sp2
OR
microsoftwindows_server_2008Match-sp2
OR
microsoftwindows_server_2008Matchr2sp1
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_vistaMatch-sp2

Related

symantec 1
cisa_kev 1
metasploit 3
exploitpack 2
cvelist 1
zdt 4
seebug 2
threatpost 4
nvd 1
attackerkb 1
prion 1
packetstorm 4
thn 4
exploitdb 5
nessus 1
myhack58 1
openvas 1
fireeye 1
githubexploit 1
securityvulns 1
kaspersky 1
symantec
symantec
Microsoft Windows Kernel 'Win32k.sys' CVE-2014-4113 Local Privilege Escalation Vulnerability
2014-10-14 00:00:00
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2022-05-04 00:00:00
metasploit
metasploit
Windows Net-NTLMv2 Reflection DCOM/RPC (Juicy)
2019-01-10 16:20:43
Windows TrackPopupMenu Win32k NULL Pointer Dereference
2014-10-23 23:51:30
Windows Net-NTLMv2 Reflection DCOM/RPC
2018-08-03 06:09:24
exploitpack
exploitpack
Microsoft Windows 8.08.1 (x64) - TrackPopupMenu Local Privilege Escalation (MS14-058)
2015-05-19 00:00:00
Microsoft Windows Kernel - win32k.sys Local Privilege Escalation (MS14-058)
2016-04-05 00:00:00
cvelist
cvelist
CVE-2014-4113
2014-10-15 10:00:00
zdt
zdt
Microsoft Windows - Kernel 'win32k.sys' Privilege Escalation (MS14-058)
2016-04-05 00:00:00
Windows TrackPopupMenu Win32k NULL Pointer Dereference Exploit
2014-10-29 00:00:00
Microsoft Windows 8.1 / Server 2012 - Win32k.sys Local Privilege Escalation (MS14-058) Exploit
2019-05-30 00:00:00
seebug
seebug
MS14-058 Windowsε†…ζ ΈζζƒζΌζ΄ž (CVE-2014-4113)
2016-01-29 00:00:00
Windows TrackPopupMenu Win32k NULL Pointer Dereference
2014-11-13 00:00:00
threatpost
threatpost
50k Servers Infected with Cryptomining Malware in Nansh0u Campaign
2019-05-29 13:00:27
Researchers Crack Furtim, SFG Malware Connection
2016-07-18 13:26:09
Malware Dropper Built to Target European Energy Company
2016-07-12 09:31:54
nvd
nvd
CVE-2014-4113
2014-10-15 10:55:07
attackerkb
attackerkb
CVE-2014-4113
2014-10-15 00:00:00
prion
prion
Privilege escalation
2014-10-15 10:55:00
packetstorm
packetstorm
Windows TrackPopupMenu Win32k NULL Pointer Dereference
2014-10-28 00:00:00
Windows 8.0 / 8.1 x64 TrackPopupMenu Privilege Escalation
2015-05-21 00:00:00
Microsoft Windows Net-NTLMv2 Reflection DCOM/RPC Privilege Escalation
2019-01-16 00:00:00
thn
thn
Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware
2019-05-29 18:50:00
State-Sponsored SCADA Malware targeting European Energy Companies
2016-07-13 00:12:00
Microsoft Patches 3 Zero-day Vulnerabilities actively being Exploited in the Wild
2014-10-15 01:14:00
exploitdb
exploitdb
Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)
2018-10-08 00:00:00
Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (MS14-058) (Metasploit)
2014-10-28 00:00:00
Microsoft Windows 8.0/8.1 (x64) - 'TrackPopupMenu' Local Privilege Escalation (MS14-058)
2015-05-19 00:00:00
nessus
nessus
MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution (3000061)
2014-10-15 00:00:00
myhack58
myhack58
HEVD kernel vulnerability training-with Windows play-bug warning-the black bar safety net
2017-03-01 00:00:00
openvas
openvas
Microsoft Windows Kernel-Mode Driver Privilege Escalation and RCE Vulnerabilities (3000061)
2014-10-15 00:00:00
fireeye
fireeye
CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis
2019-04-23 17:45:00
githubexploit
githubexploit
Exploit for Vulnerability in Winmagic Securedoc
2020-06-30 23:01:33
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2014-10-15 00:00:00
kaspersky
kaspersky
KLA10601 Multiple vulnerabilities in Microsoft products
2014-11-11 00:00:00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.677 Medium

EPSS

Percentile

98.0%

JSON
Related for CVE-2014-4113
symantec1cisa_kev1metasploit3exploitpack2cvelist1zdt4seebug2threatpost4nvd1attackerkb1prion1packetstorm4thn4exploitdb5nessus1myhack581openvas1fireeye1githubexploit1securityvulns1kaspersky1