Vulnerability Details CVE-2018-8140
An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status, aka "Cortana Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.1%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.6
References
- http://www.securityfocus.com/bid/104354
- http://www.securitytracker.com/id/1041108
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8140
- http://www.securityfocus.com/bid/104354
- http://www.securitytracker.com/id/1041108
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8140
Products affected by CVE-2018-8140
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_server_1803:-
-
cpe:2.3:o:microsoft:windows_server_2016:1709