CVE-2014-1812
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability
CVSS
—
Sin CVSS
EPSS
65.1%
p99
KEV
SÍ
3 nov 2021
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Microsoft / Windows
Vulnerabilidad
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability
Añadido a KEV
3 nov 2021
Remediar antes de
3 may 2022
Uso conocido en ransomware
Sí
Descripción resumida
Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2014-1812