Vulnerability CVE-2018-8306


Published: 2018-07-10   Modified: 2018-07-11

Description:
A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka "Microsoft Wireless Display Adapter Command Injection Vulnerability." This affects Microsoft Wireless Display Adapter V2 Software.

Type:

CWE-77

(Improper Neutralization of Special Elements used in a Command ('Command Injection'))

CVSS2 => (AV:A/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.2/10
6.4/10
5.1/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Microsoft -> Wireless display adapter firmware 

 References:
http://www.securityfocus.com/bid/104621
http://www.securitytracker.com/id/1041269
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306

Copyright 2024, cxsecurity.com

 

Back to Top