What is the severity of CVE-2014-1812?

CVE-2014-1812 is classified as a moderate severity vulnerability.

How do I fix CVE-2014-1812?

To remediate CVE-2014-1812, apply the appropriate security updates provided by Microsoft for the affected versions.

What systems are affected by CVE-2014-1812?

CVE-2014-1812 affects Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, Windows 8.1, and various versions of Windows Server.

Can CVE-2014-1812 be exploited remotely?

Yes, CVE-2014-1812 can be exploited by remote authenticated users.

What type of information can be compromised due to CVE-2014-1812?

CVE-2014-1812 can lead to unauthorized access to sensitive information as it improperly handles password distribution.

Vulnerability/
CVE-2014-1812

Exploited

critical

CWE

255 522

14/5/2014

10/2/2025

CVE-2014-1812: Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability

First published: Wed May 14 2014(Updated: )

The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows 7	=sp1
Microsoft Windows 8.0
Microsoft Windows
Microsoft Windows Server	=sp2
Microsoft Windows Server	=r2-sp1
Microsoft Windows Server	=r2-sp1
Microsoft Windows Server
Microsoft Windows Server	=r2
Microsoft Windows Vista	=sp2
Microsoft Windows Operating System

Remedy

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-025

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-1812?
CVE-2014-1812 is classified as a moderate severity vulnerability.
How do I fix CVE-2014-1812?
To remediate CVE-2014-1812, apply the appropriate security updates provided by Microsoft for the affected versions.
What systems are affected by CVE-2014-1812?
CVE-2014-1812 affects Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, Windows 8.1, and various versions of Windows Server.
Can CVE-2014-1812 be exploited remotely?
Yes, CVE-2014-1812 can be exploited by remote authenticated users.
What type of information can be compromised due to CVE-2014-1812?
CVE-2014-1812 can lead to unauthorized access to sensitive information as it improperly handles password distribution.

agent/type
agent/description
agent/title
agent/remedy
agent/first-publish-date
agent/references
agent/author
agent/event
agent/trending
agent/source
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/severity
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-cve
collector/nvd-index
agent/softwarecombine
agent/tags
exploited/true
collector/cisa-known-exploited
source/CISA
vendor/microsoft
canonical/microsoft windows 7
version/microsoft windows 7/sp1
canonical/microsoft windows 8.0
canonical/microsoft windows
canonical/microsoft windows server
version/microsoft windows server/sp2
version/microsoft windows server/r2-sp1
version/microsoft windows server/r2
canonical/microsoft windows vista
version/microsoft windows vista/sp2
canonical/microsoft windows operating system