CVE-2014-1812: Microsoft Windows Group Policy Preferences Password
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability. Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.
- CISA KEV-listed (remediation due 2022-05-03)
- used in ransomware campaigns
- EPSS 74.6% (98.9% percentile)