CVE-1999-0994

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Dec 16, 1999
Updated: Nov 7, 2023
CWE ID 255

Summary

CVE-1999-0994 is a vulnerability affecting Windows NT operating systems. The issue arises due to the reuse of the same keystream for encrypting SAM password hashes as those used for SYSKEY encryption. Attackers can exploit this vulnerability to crack passwords, posing a significant security risk. This weakness in the encryption process enables unauthorized access to sensitive information, potentially leading to serious data breaches. The vulnerability existed in older versions of Windows NT and was addressed with security updates in subsequent releases.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows NT

Affected Vendors

  • Microsoft