Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0886Microsoft Windows NT vulnerability

CWE-164 documents4 sources
Severity
9.0CRITICALNVD
EPSS
34.3%
top 3.01%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows NT
Timeline
PublishedSep 17
Latest updateApr 30

Description

The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-7gj8-qq5x-7rx5: The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager2022-04-30
CVEList
CVE-1999-0886: The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager2000-01-04

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5 - RASMAN Privilege Escalation1999-09-17
CVE-1999-0886 — Microsoft Windows NT vulnerability | cvebase