CVE-2018-8120

Summary

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWindows Server 200832-bit Systems Service Pack 2affected
MicrosoftWindows Server 200832-bit Systems Service Pack 2 (Server Core installation)affected
MicrosoftWindows Server 2008Itanium-Based Systems Service Pack 2affected
MicrosoftWindows Server 2008x64-based Systems Service Pack 2affected
MicrosoftWindows Server 2008x64-based Systems Service Pack 2 (Server Core installation)affected
MicrosoftWindows 732-bit Systems Service Pack 1affected
MicrosoftWindows 7x64-based Systems Service Pack 1affected
MicrosoftWindows Server 2008 R2Itanium-Based Systems Service Pack 1affected
MicrosoftWindows Server 2008 R2x64-based Systems Service Pack 1affected
MicrosoftWindows Server 2008 R2x64-based Systems Service Pack 1 (Server Core installation)affected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References