CVE-2001-0045 — Microsoft Windows NT vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

1.2%

top 20.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows NT

Timeline

PublishedFeb 16

Latest updateApr 30

Description

The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/windows_nt4.0, terminal_server+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-47vf-2cv8-2gw3: The default permissions for the RAS Administration key in Windows NT 4↗2022-04-30

▶

CVEList

CVE-2001-0045: The default permissions for the RAS Administration key in Windows NT 4↗2001-02-02

▶