CVE-2014-4077
Microsoft IME Japanese Privilege Escalation Vulnerability
CVSS
—
No CVSS
EPSS
47.7%
p99
KEV
YES
May 25, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
Product
Microsoft / Input Method Editor (IME) Japanese
Vulnerability
Microsoft IME Japanese Privilege Escalation Vulnerability
Added to KEV
May 25, 2022
Remediate by
Jun 15, 2022
Known ransomware use
No
Summary description
Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-4077
No related CVEs by CWE or product.