Unrated severityNVD Advisory· Published Feb 12, 2014· Updated Apr 29, 2026

CVE-2014-0254

Description

The IPv6 implementation in Microsoft Windows 8, Windows Server 2012, and Windows RT does not properly validate packets, which allows remote attackers to cause a denial of service (system hang) via crafted ICMPv6 Router Advertisement packets, aka "TCP/IP Version 6 (IPv6) Denial of Service Vulnerability."

Affected products

Microsoft/Windows 82 versions
cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*
Microsoft/Windows Rt
cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
Microsoft/Windows Server 2012
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/103159nvd
secunia.com/advisories/56775nvd
www.securityfocus.com/bid/65409nvd
www.securitytracker.com/id/1029747nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-006nvd
exchange.xforce.ibmcloud.com/vulnerabilities/90755nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.036
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000