CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jun 15, 2022
Description
Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.
EPSS — Exploit Probability
34.3%
Higher than 96.9% of all CVEs
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2014-4077
Risk Assessment
ELEVATEDIn CISA KEV
Details
- Severity
- High
- EPSS
- 34.3%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 0
Timeline
Published
May 25, 2022
Added to KEV
May 25, 2022
Remediation Due
Jun 15, 2022