CVE-2014-4076
HIGH
CVSS Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Description
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
Analysis
Microsoft Windows Server 2003 SP2 contains a local privilege escalation vulnerability reachable via crafted IOCTL calls to the tcpip.sys or tcpip6.sys drivers. Local attackers can exploit improper access control in the TCP/IP driver to gain SYSTEM privileges on the server.
Technical Context
The tcpip.sys and tcpip6.sys drivers in Windows Server 2003 SP2 improperly validate IOCTL request parameters from user-mode applications. A crafted IOCTL call can corrupt kernel memory or bypass access checks, allowing a local user to execute code with kernel/SYSTEM privileges. The TCP/IP driver is always loaded, making this a reliable escalation vector.
Affected Products
Windows Server 2003 SP2
Remediation
Upgrade from Windows Server 2003 to a supported operating system. If an upgrade is not possible, implement strict network segmentation to limit exposure. Restrict local logon rights to minimize the attack surface. Deploy a host-based IDS to detect exploitation attempts.