The remote Windows host is missing security update 5073696. It is, therefore, affected by multiple vulnerabilities

  - An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka     AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL     0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM.
    This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with     high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver)     ransomware campaigns. (CVE-2023-31096)

  - A vulnerability exits in driver SmSerl64.sys in Motorola SM56 Modem WDM Driver v6.12.23.0, which allows     low-privileged users to mapping physical memory via specially crafted IOCTL requests . This can be     exploited for privilege escalation, code execution under high privileges, and information disclosure.
    These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious     code. (CVE-2024-55414)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

KB5073696: Windows Server 2012 R2 Security Update (January 2026)

high Nessus Plugin ID 283471

Version 1.3

Version 1.2

Version 1.3 Jan 16, 2026, 10:12 PM IAVM reference STIG Severity (set to "I") Plugin Feed: 202601162212
Version 1.2 Jan 14, 2026, 5:08 AM CISA reference CVSS metrics ("CVSSv2 score" set to 10.0. "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2023-31096" to "CVE-2026-20868") CVSSv2 severity (based on CVE-2026-20868, severity increased from "Medium" to "High") CVSSv3 score source (set to "CVE-2023-31096") New Plugin Feed: 202601140508