What is the CVSS score of CVE-2014-6324?

CVE-2014-6324 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 90.3%.

Which versions of Microsoft are affected by CVE-2014-6324?

CVE-2014-6324 presents significant security risk rated CVSS 8.8. Successful exploitation could significantly impact the confidentiality, integrity, or availability of affected systems.. A patch is available.

Is there a public PoC exploit available for CVE-2014-6324?

Yes, a public proof-of-concept exploit is available for CVE-2014-6324. Prioritise patching immediately. EPSS: 90.3%.

How to fix or mitigate CVE-2014-6324?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Vendor patch is available.

Microsoft CVE-2014-6324

HIGH

2014-11-18 secure@microsoft.com

Information Disclosure Microsoft

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Re-analysis Queued

Apr 21, 2026 - 15:22 vuln.today

cvss_changed

Analysis Generated

Mar 26, 2026 - 11:18 vuln.today

Added to CISA KEV

Oct 22, 2025 - 01:16 cisa

CISA KEV

PoC Detected

Oct 22, 2025 - 01:16 vuln.today

Public exploit code

Patch released

Oct 22, 2025 - 01:16 nvd

Patch available

CVE Published

Nov 18, 2014 - 23:59 nvd

HIGH 8.8

DescriptionCVE.org

The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."

AnalysisAI

The Windows Kerberos KDC fails to properly validate PAC signatures, allowing any authenticated domain user to forge Kerberos tickets and gain domain administrator privileges. Known as MS14-068, one of the most critical Active Directory vulnerabilities ever disclosed.

Technical ContextAI

The KDC accepts PAC signatures using any checksum algorithm, including weak MD5 (instead of requiring the server's keyed checksum). An authenticated user can request a TGT without a PAC, then generate a forged PAC claiming domain admin membership, sign it with MD5, and present it to the KDC, which incorrectly validates it.

RemediationAI

Apply Microsoft security update MS14-068 immediately to ALL domain controllers. Audit domain admin group membership for unauthorized additions. Check Kerberos event logs for anomalous TGT requests. Consider enabling PAC validation checks.

CVE-2014-6324 vulnerability details – vuln.today

Back

Microsoft CVE-2014-6324

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code