Vulnerability CVE-2018-0752

Vulnerability CVE-2018-0752

Published: 2018-01-04

Description:

The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2018-0751.

Type:

CWE-732

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.6/10	6.4/10	3.9/10

Exploit range	Attack complexity	Authentication
Local	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Microsoft -> Windows 10
Microsoft -> Windows 8.1
Microsoft -> Windows rt 8.1
Microsoft -> Windows server 1709
Microsoft -> Windows server 2012
Microsoft -> Windows server 2016

References:

http://www.securityfocus.com/bid/102360

http://www.securitytracker.com/id/1040095

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0752

https://www.exploit-db.com/exploits/43516/

Copyright 2024, cxsecurity.com