CVE-2018-8120
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166.
Published
2018-05-09T19:29:01.277
Last Modified
2025-04-04T20:30:49.757
Status
Analyzed
Source
[email protected]
Severity
CVSSv3.1: 7.0 (HIGH)
CVSSv2 Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
- Access Vector: LOCAL
- Access Complexity: LOW
- Authentication: NONE
- Confidentiality Impact: COMPLETE
- Integrity Impact: COMPLETE
- Availability Impact: COMPLETE
Exploitability Score
3.9
Impact Score
10.0
Weaknesses
-
Type: Primary
CWE-404
-
Type: Secondary
CWE-404
Affected Vendors & Products
References
-
http://www.securityfocus.com/bid/104034
Third Party Advisory, VDB Entry, Broken Link
([email protected])
-
http://www.securitytracker.com/id/1040849
Third Party Advisory, VDB Entry, Broken Link
([email protected])
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8120
Patch, Vendor Advisory
([email protected])
-
https://www.exploit-db.com/exploits/45653/
Exploit, Third Party Advisory, VDB Entry
([email protected])
-
http://www.securityfocus.com/bid/104034
Third Party Advisory, VDB Entry, Broken Link
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securitytracker.com/id/1040849
Third Party Advisory, VDB Entry, Broken Link
(af854a3a-2127-422b-91ae-364da2661108)
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8120
Patch, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://www.exploit-db.com/exploits/45653/
Exploit, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)