CVE-2017-14311

HIGH

NetMechanica NetDecision 5.8.2 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-14311. PoCs published by Peter Baris.

AI-analyzed exploit summary This exploit leverages a vulnerability in Netdecision 5.8.2's WinRing0x32.sys driver to achieve local privilege escalation by manipulating the IA32_SYSENTER_EIP MSR register. It uses a crafted IOCTL request to execute shellcode in kernel mode, ultimately spawning a privileged command prompt.

Description

The Winring0x32.sys driver in NetMechanica NetDecision 5.8.2 allows local users to gain privileges via a crafted 0x9C402088 IOCTL call.

Exploits (1)

exploitdb WORKING POC

by Peter Baris · clocalwindows

https://www.exploit-db.com/exploits/42735

View Code ZIP pw:eip

This exploit leverages a vulnerability in Netdecision 5.8.2's WinRing0x32.sys driver to achieve local privilege escalation by manipulating the IA32_SYSENTER_EIP MSR register. It uses a crafted IOCTL request to execute shellcode in kernel mode, ultimately spawning a privileged command prompt.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Netdecision 5.8.2

No auth needed

Prerequisites: Local access to the system · WinRing0_1_2_0 driver installed

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/42735/

Scores

CVSS v3 7.8

EPSS 0.0032

EPSS Percentile 55.7%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (1)

netmechanica/netdecision 5.8.2

Published Sep 19, 2017

Tracked Since Feb 18, 2026