CVE-2014-6324
is CVE-2014-6324real, exploitable, or a false positive? Here's the community ground truth.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."
References
Published
Embed this verdict
[](https://www.truepositive.app/cve/CVE-2014-6324)<a href="https://www.truepositive.app/cve/CVE-2014-6324"><img src="https://www.truepositive.app/cve/CVE-2014-6324/badge.svg" alt="TruePositive verdict for CVE-2014-6324"></a>Live badge — updates automatically as the community verdict changes.
Community ground truth
Community verdict
3 verdictsIncludes TruePositive's curated baseline from public sources — community verdicts accrue on top.
to add your verdict.
In line with its CVSS base score.
Field notes & remediation
Verdicts are the quick signal — notes are the evidence and fixes behind them.
- 0
Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability — The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges. Listed in the CISA KEV catalog (added 2022-03-25) — confirmed exploited in the wild, not theoretical. FIRST EPSS puts the chance of exploitation in the next 30 days at ~87%. Treat it as real and prioritize remediation over triage.
- 0
Required action for Microsoft Kerberos Key Distribution Center (KDC): Apply updates per vendor instructions. CISA set a federal remediation due date of 2022-04-15. After patching, verify the vulnerable path is no longer reachable before closing the finding.
Related CVEs
Same weakness — CWE-264.
- CVE-2014-4113CVSS 7.8KEVEPSS 87%
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
- CVE-2016-7255CVSS 7.8KEVEPSS 81%
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
- CVE-2013-0629CVSS 7.5KEVEPSS 66%
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.
- CVE-2015-1701CVSS 7.8KEVEPSS 56%
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."
- CVE-2016-3309CVSS 7.8KEVEPSS 21%
The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3308, CVE-2016-3310, and CVE-2016-3311.