Security Vulnerability CVE-2014-4113 - Complete Analysis and Details
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
TM RedHotCyber 320x100 042514
TM RedHotCyber 970x120 042543

CVE-2014-4113

View the latest critical CVEs issued
This is a free service offered by Red Hot Cyber to the community. It allows you to view, on a single page, information about a single CVE from the National Vulnerability Database (NVD) and the National Institute of Standards and Technology (NIST) of the United States of America, the Forum of Incident Response and Security Teams (FIRST) regarding the EPSS score and percentile, data from the KEV catalog of the Cybersecurity and Infrastructure Security Agency (CISA), as well as selected resources from Red Hot Cyber and other international sources.

National Vulnerability Database Information

Description: win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."

CVSS Base Score: 7.8 (v3.1)

The **CVSS Base Score** is a score from **0 to 10** that represents the intrinsic severity of a vulnerability. A higher score indicates greater severity.

Value
0.02.55.07.510.0
Published on: 10/15/2014 10:55:07
Last modified: 10/22/2025 01:15:56
NIST: CVE source from the National Vulnerability Database (NVD)

CVSS Metrics Details

  • Base Severity: HIGH
  • Vector String: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: REQUIRED
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

Common Weakness Enumeration (CWE)

Database CWE: v4.18

Fonte: MITRE CWE


FIRST Information

EPSS Score: 0.8243

The **EPSS (Exploit Prediction Scoring System)** is a score from **0 to 1** that indicates the **probability** that a vulnerability will be exploited in the real world in the next 30 days. A higher value indicates a greater likelihood of exploitation.

Value
0.00.250.50.751.0

Percentile: 0.9918

The **Percentile** indicates how much higher this vulnerability's EPSS score is compared to all other vulnerabilities in the EPSS database. For example, a percentile of 0.90 (90%) means that 90% of vulnerabilities have an EPSS score equal to or lower than the current one.

Value
0.00.250.50.751.0

*Data updated as of: 2025-12-12


CISA Information (Known Exploited Vulnerabilities)

The **CISA KEV Catalog** lists vulnerabilities that have been **actively exploited in the real world**. If a CVE is present in this catalog, it indicates that the threat is immediate and mitigation should be a top priority.

CVE **CVE-2014-4113** **IS PRESENT** in the CISA KEV Catalog!

  • Vulnerability Name: Microsoft Win32k Privilege Escalation Vulnerability
  • Short Description: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
  • Date Added to KEV: 05/04/2022
  • Vendor/Product: Microsoft / Win32k
  • Required Action: Apply updates per vendor instructions.
  • Due Date: 05/25/2022

Articles published on Red Hot Cyber


NVD References

Exploit PoC from GitHub

  • sam-b/CVE-2014-4113: Trigger and exploit code for CVE-2014-4113
  • johnjohnsp1/CVE-2014-4113: PowerShell CVE-2014-4113
  • nsxz/Exploit-CVE-2014-4113: Exploit CVE-2014-4113
  • wikiZ/cve-2014-4113:
  • MarkoArmitage/metasploit-framework: app turn nil publics and privates into blanks 3 months ago config Use bundler/setup for more graceful bundler related failures 11 days ago data Add token fiddling from nishang 12 hours ago db Revert "Diff triggering comment" 12 days ago documentation Switch to Msf::OperatingSystems::Match::WINDOWS 2 months ago external Use PDWORD_PTR and DWORD_PTR 29 days ago features Up aruba timeout for simplecov overhead 4 days ago lib Check for load errors in reload_all 4 days ago modules Land #4255 - CVE-2014-6332 Internet Explorer 19 hours ago plugins Land #3588, @tobd-r7's Fix SpaceBeforeModifierKeyword Rubocop warning 4 months ago script rails generate cucumber:install 3 months ago scripts delete the old script a month ago spec Remove debug file writes 2 days ago test Fix up comment splats with the correct URI a month ago tools Fix bugs 24 days ago .gitignore Add note about rbenv for rvm .versions.conf local override 24 days ago .gitmodules Add RDI submodule, port Kitrap0d a year ago .mailmap Add @trosen-r7's alias for commits 6 months ago .rspec Add modern --require to .rspec 2 months ago .rubocop.yml Reapply PR #4113 (removed via #4175) 18 days ago .ruby-gemset Restoring ruby and gemset files 6 months ago .ruby-version Oh good, another Ruby version bump 14 days ago .simplecov Remove fastlib 2 months ago .travis.yml Enable fast_finish on travis-ci 12 days ago .yardopts Various merge resolutions from master <- staging 4 months ago CONTRIBUTING.md Add a don't to CONTRIBUTING about merge messages 11 days ago COPYING With 66 days left in 2014, may as well update a month ago Gemfile metasploit-credential bump to 0.13.3 16 days ago Gemfile.local.example Various merge resolutions from master <- staging 4 months ago Gemfile.lock Bump mdm version number 12 days ago HACKING Update link for The Metasploit Development Environment 5 months ago LICENSE Remove fastlib 2 months ago README.md Encourage use of the installer for users. 8 months ago Rakefile Merge branch 'feature/MSP-11130/metasploit-framework-spec-constants' … 24 days ago metasploit-framework-db.gemspec metasploit-credential bump to 0.13.3 16 days ago metasploit-framework-full.gemspec Update metasploit-framework-full.gemspec 23 days ago metasploit-framework-pcap.gemspec Depend on metasloit-framework in optional gemspecs 24 days ago metasploit-framework.gemspec Update meterpreter_bins to 0.0.11 18 days ago msfbinscan Remove fastlib 2 months ago msfcli Fix thread-leaks in msfcli spec 17 days ago msfconsole @wvu-r7 is a skilled negotiator. s/stdout/stderr/ a month ago msfd Remove fastlib 2 months ago msfelfscan Remove fastlib 2 months ago msfencode Remove fastlib 2 months ago msfmachscan Remove fastlib 2 months ago msfpayload fixes merge conflicts msfpayload & exe a month ago msfpescan Remove fastlib 2 months ago msfrop Remove fastlib 2 months ago msfrpc Remove fastlib 2 months ago msfrpcd Remove call to legacy db.sink queue, closes #4244 7 days ago msfupdate Always use maybe_wait_and_exit in msfupdate a year ago msfvenom Fix #4047 - undefined method `rank' due to an invalid encoder name 19 days ago README.md