CVE-2014-7169
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
99.9%
p100
KEV
YES
Jan 28, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
99.9%EPSS · 30 days99.9%
2026-06-302026-07-16
Product
GNU / Bourne-Again Shell (Bash)
Vulnerability
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
Added to KEV
Jan 28, 2022
Remediate by
Jul 28, 2022
Known ransomware use
No
Summary description
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-7169
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2014-6271—100.0%
KEV—80GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability—